EIP-2026-107453

PRE-CVE

Golabi CMS 1.0 - Remote File Inclusion

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107453. PoCs published by CrazyAngel.

AI-analyzed exploit summary This is a writeup describing a Remote File Inclusion (RFI) vulnerability in Golabi CMS version 1.0. The vulnerability arises from an unhandled variable inclusion in the default template file, allowing remote attackers to include malicious files via the 'cur_module' parameter.

Description

Golabi CMS 1.0 - Remote File Inclusion

Exploits (1)

exploitdb WRITEUP VERIFIED
by CrazyAngel · textwebappsphp
https://www.exploit-db.com/exploits/8112

This is a writeup describing a Remote File Inclusion (RFI) vulnerability in Golabi CMS version 1.0. The vulnerability arises from an unhandled variable inclusion in the default template file, allowing remote attackers to include malicious files via the 'cur_module' parameter.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Golabi CMS 1.0
No auth needed
Prerequisites: register_globals must be enabled on the target server
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026