EIP-2026-106847

This exploit demonstrates multiple remote file inclusion vulnerabilities in Elxis CMS 2009.2 Electra rev2631. The vulnerabilities allow an attacker to include arbitrary remote files via the `mosConfig_absolute_path` and `str_replace` parameters in various PHP scripts.