EIP-2026-105365

PRE-CVE

b374k 3.2.3/2.8 (Web Shell) - Cross-Site Request Forgery / Command Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105365. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This exploit demonstrates a CSRF-based remote command injection vulnerability in b374k PHP Webshell versions 3.2.3 and 2.8. It leverages the lack of CSRF protection to execute arbitrary OS commands (e.g., `calc.exe`) via crafted HTML forms.

Description

b374k 3.2.3/2.8 (Web Shell) - Cross-Site Request Forgery / Command Injection

Exploits (1)

exploitdb WORKING POC

by hyp3rlinx · textwebappsphp

https://www.exploit-db.com/exploits/38688

View Code ZIP pw:eip

This exploit demonstrates a CSRF-based remote command injection vulnerability in b374k PHP Webshell versions 3.2.3 and 2.8. It leverages the lack of CSRF protection to execute arbitrary OS commands (e.g., `calc.exe`) via crafted HTML forms.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: b374k PHP Webshell 3.2.3 and 2.8

Auth required

Prerequisites: Victim must be logged into the b374k webshell · Attacker must trick victim into visiting a malicious page or clicking a link

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026