EIP-2026-106702
PRE-CVEEasy Web Portal 2.1.2 - Multiple Remote File Inclusions
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-106702. PoCs published by MEFISTO.
AI-analyzed exploit summary The exploit demonstrates a remote file inclusion (RFI) vulnerability in Easy Web Portal 2.1.2 by injecting a malicious URL via the 'chemin' parameter in i-accueil.php and i-index.php. This allows an attacker to execute arbitrary commands (e.g., 'id') by including a remote shell script (c99.txt).
Description
Easy Web Portal 2.1.2 - Multiple Remote File Inclusions
Exploits (1)
The exploit demonstrates a remote file inclusion (RFI) vulnerability in Easy Web Portal 2.1.2 by injecting a malicious URL via the 'chemin' parameter in i-accueil.php and i-index.php. This allows an attacker to execute arbitrary commands (e.g., 'id') by including a remote shell script (c99.txt).