EIP-2026-107019

PRE-CVE

ezStats2 - 'style.php' Local File Inclusion

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107019. PoCs published by L0n3ly-H34rT.

AI-analyzed exploit summary This exploit demonstrates a local file inclusion vulnerability in ezStats2 due to improper input sanitization. Attackers can use directory traversal sequences to access arbitrary files on the server, such as 'win.ini'.

Description

ezStats2 - 'style.php' Local File Inclusion

Exploits (1)

exploitdb WORKING POC VERIFIED
by L0n3ly-H34rT · textwebappsphp
https://www.exploit-db.com/exploits/38294

This exploit demonstrates a local file inclusion vulnerability in ezStats2 due to improper input sanitization. Attackers can use directory traversal sequences to access arbitrary files on the server, such as 'win.ini'.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: ezStats2 (version unspecified)
No auth needed
Prerequisites: Network access to the target web server · Vulnerable ezStats2 installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026