EIP-2026-107328
PRE-CVEGalerie Dezign-Box France - Multiple Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-107328. PoCs published by indoushka.
AI-analyzed exploit summary The exploit demonstrates two vulnerabilities in Galerie Dezign-Box: a reflected XSS via the 'nom' parameter and an unrestricted file upload vulnerability allowing shell uploads. The XSS payload is injected via an image tag with an onload event, while the upload exploit leverages unsecured registration and upload endpoints.
Description
Galerie Dezign-Box France - Multiple Vulnerabilities
Exploits (1)
The exploit demonstrates two vulnerabilities in Galerie Dezign-Box: a reflected XSS via the 'nom' parameter and an unrestricted file upload vulnerability allowing shell uploads. The XSS payload is injected via an image tag with an onload event, while the upload exploit leverages unsecured registration and upload endpoints.