EIP-2026-107032

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107032. PoCs published by ALTBTA.

AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Factux 1.1.5. The vulnerability arises from unsanitized user input in the 'lang' parameter, allowing attackers to traverse directories and include arbitrary files.

Description

Factux - Local File Inclusion

Exploits (1)

exploitdb WORKING POC

by ALTBTA · textwebappsphp

https://www.exploit-db.com/exploits/12521

View Code ZIP pw:eip

This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Factux 1.1.5. The vulnerability arises from unsanitized user input in the 'lang' parameter, allowing attackers to traverse directories and include arbitrary files.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Factux 1.1.5

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Factux - Local File Inclusion

Exploitation Summary

Description

Exploits (1)

Details