EIP-2026-107055

PRE-CVE

Fast Free Media 1.3 Adult Site - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107055. PoCs published by indoushka.

AI-analyzed exploit summary This exploit demonstrates an arbitrary file upload vulnerability in Fast Free Media v1.3, allowing attackers to upload malicious files (e.g., shells) via the admin upload interface. The exploit leverages a Flash-based uploader and a remote file inclusion mechanism to achieve RCE.

Description

Fast Free Media 1.3 Adult Site - Arbitrary File Upload

Exploits (1)

exploitdb WORKING POC

by indoushka · htmlwebappsphp

https://www.exploit-db.com/exploits/12569

View Code ZIP pw:eip

This exploit demonstrates an arbitrary file upload vulnerability in Fast Free Media v1.3, allowing attackers to upload malicious files (e.g., shells) via the admin upload interface. The exploit leverages a Flash-based uploader and a remote file inclusion mechanism to achieve RCE.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Fast Free Media v1.3

Auth required

Prerequisites: Access to admin interface · FFMPEG installed (optional for conversion)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026