EIP-2026-105813

PRE-CVE

ChangshinSoft EZTrans Server - 'download.php' Directory Traversal

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105813. PoCs published by SSR Team.

AI-analyzed exploit summary The exploit describes a directory traversal vulnerability in ChangshinSoft ezTrans Server's download.php script, allowing arbitrary file disclosure via manipulated filename parameters. No actual exploit code is provided, only example URLs demonstrating the attack.

Description

ChangshinSoft EZTrans Server - 'download.php' Directory Traversal

Exploits (1)

exploitdb WRITEUP VERIFIED
by SSR Team · textwebappsphp
https://www.exploit-db.com/exploits/22886

The exploit describes a directory traversal vulnerability in ChangshinSoft ezTrans Server's download.php script, allowing arbitrary file disclosure via manipulated filename parameters. No actual exploit code is provided, only example URLs demonstrating the attack.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: ChangshinSoft ezTrans Server (version unspecified)
No auth needed
Prerequisites: Network access to the vulnerable server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026