EIP-2026-105388

PRE-CVE

BanManager WebUI 1.5.8 - PHP Code Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105388. PoCs published by HaHwul.

AI-analyzed exploit summary This exploit demonstrates a PHP code injection and stored XSS vulnerability in BanManager WebUI 1.5.8. The vulnerability allows an attacker to inject arbitrary PHP code into the 'settings.php' file via unvalidated input parameters such as 'footer', 'buttons_before', and 'buttons_after'.

Description

BanManager WebUI 1.5.8 - PHP Code Injection

Exploits (1)

exploitdb WORKING POC

by HaHwul · textwebappsphp

https://www.exploit-db.com/exploits/41989

View Code ZIP pw:eip

This exploit demonstrates a PHP code injection and stored XSS vulnerability in BanManager WebUI 1.5.8. The vulnerability allows an attacker to inject arbitrary PHP code into the 'settings.php' file via unvalidated input parameters such as 'footer', 'buttons_before', and 'buttons_after'.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: BanManager WebUI 1.5.8

Auth required

Prerequisites: Access to the admin panel · Valid authentication credentials

MITRE ATT&CK

T1210 - Exploitation of Remote Services T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026