EIP-2026-107083

PRE-CVE

File Management System 1.1 - Persistent Cross-Site Scripting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107083. PoCs published by KeopssGroup0day_Inc.

AI-analyzed exploit summary This exploit demonstrates a persistent Cross-Site Scripting (XSS) vulnerability in File Management System 1.1. The payload is injected into the 'name' field of the admin panel, which is then rendered without proper sanitization in the 'view_admin.php' page.

Description

File Management System 1.1 - Persistent Cross-Site Scripting

Exploits (1)

exploitdb WORKING POC

by KeopssGroup0day_Inc · textwebappsphp

https://www.exploit-db.com/exploits/48635

View Code ZIP pw:eip

This exploit demonstrates a persistent Cross-Site Scripting (XSS) vulnerability in File Management System 1.1. The payload is injected into the 'name' field of the admin panel, which is then rendered without proper sanitization in the 'view_admin.php' page.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: File Management System 1.1

Auth required

Prerequisites: Access to the admin panel · Ability to add or edit admin entries

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026