EIP-2026-105424
PRE-CVEBBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-105424. PoCs published by Jeong Jin-Seok.
AI-analyzed exploit summary The exploit demonstrates a directory traversal vulnerability in BBS E-Market Professional, allowing remote attackers to disclose arbitrary files by manipulating the 'pageurl' and 'filename' parameters with '../' sequences. The vulnerability is due to insufficient sanitization of user-supplied input.
Description
BBS E-Market Professional bf_130 1.3.0 - Multiple File Disclosure Vulnerabilities
Exploits (1)
The exploit demonstrates a directory traversal vulnerability in BBS E-Market Professional, allowing remote attackers to disclose arbitrary files by manipulating the 'pageurl' and 'filename' parameters with '../' sequences. The vulnerability is due to insufficient sanitization of user-supplied input.