This exploit demonstrates a remote file inclusion vulnerability in EasySiteEdit's sublink.php due to unsanitized user input in the 'langval' parameter. An attacker can include arbitrary remote files, potentially leading to remote code execution.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:EasySiteEdit v2
No auth needed
Prerequisites:Remote file hosting with malicious payload