EIP-2026-105813
PRE-CVEChangshinSoft EZTrans Server - 'download.php' Directory Traversal
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-105813. PoCs published by SSR Team.
AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in ChangshinSoft ezTrans Server's download.php script, allowing arbitrary file disclosure via manipulated filename parameters. No actual exploit code is provided, only example URLs demonstrating the attack.
Description
ChangshinSoft EZTrans Server - 'download.php' Directory Traversal
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by SSR Team · textwebappsphp
https://www.exploit-db.com/exploits/22886
The exploit describes a directory traversal vulnerability in ChangshinSoft ezTrans Server's download.php script, allowing arbitrary file disclosure via manipulated filename parameters. No actual exploit code is provided, only example URLs demonstrating the attack.
Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
ChangshinSoft ezTrans Server (version unspecified)
No auth needed
Prerequisites:
Network access to the vulnerable server
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026