Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-106307. PoCs published by T0x!c.
AI-analyzed exploit summary This exploit demonstrates a remote file upload vulnerability in CuteNews 2.0.3, allowing an attacker to upload a malicious PHP file by manipulating the file extension during the avatar upload process. The exploit requires user authentication and leverages a lack of proper file extension validation.
Description
CuteNews 2.0.3 - Arbitrary File Upload
Exploits (1)
This exploit demonstrates a remote file upload vulnerability in CuteNews 2.0.3, allowing an attacker to upload a malicious PHP file by manipulating the file extension during the avatar upload process. The exploit requires user authentication and leverages a lack of proper file extension validation.