EIP-2026-105794

PRE-CVE

CF Image Host 1.65 - PHP Command Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105794. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This is a detailed technical writeup describing a PHP command injection vulnerability in CF Image Host 1.65-1.6.6. The vulnerability allows authenticated attackers to inject malicious PHP code into the 'Site Title' or 'Site Slogan' fields, which is then stored in 'set.php' and executed when certain tabs are accessed.

Description

CF Image Host 1.65 - PHP Command Injection

Exploits (1)

exploitdb WRITEUP

by hyp3rlinx · textwebappsphp

https://www.exploit-db.com/exploits/38699

View Code ZIP pw:eip

This is a detailed technical writeup describing a PHP command injection vulnerability in CF Image Host 1.65-1.6.6. The vulnerability allows authenticated attackers to inject malicious PHP code into the 'Site Title' or 'Site Slogan' fields, which is then stored in 'set.php' and executed when certain tabs are accessed.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: CF Image Host 1.65 - 1.6.6

Auth required

Prerequisites: Access to the admin panel · Valid credentials

MITRE ATT&CK

T1202 - Indirect Command Execution T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026