EIP-2026-107068

PRE-CVE

Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107068. PoCs published by Justanotherhacker.com.

AI-analyzed exploit summary This is a vulnerability writeup describing multiple local file inclusion (LFI) and cross-site scripting (XSS) vulnerabilities in Feindura CMS. It provides URLs demonstrating how an attacker can exploit these vulnerabilities to read local files or execute arbitrary script code.

Description

Feindura CMS Groupware - Multiple Local File Inclusion / Cross-Site Scripting Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Justanotherhacker.com · textwebappsphp

https://www.exploit-db.com/exploits/34937

View Code ZIP pw:eip

This is a vulnerability writeup describing multiple local file inclusion (LFI) and cross-site scripting (XSS) vulnerabilities in Feindura CMS. It provides URLs demonstrating how an attacker can exploit these vulnerabilities to read local files or execute arbitrary script code.

Classification

Writeup 90%

Attack Type

Info Leak | Xss

Complexity

Trivial

Reliability

Reliable

Target: Feindura CMS versions 1.0rc and prior

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026