EIP-2026-107486

PRE-CVE

Gravity Board X 1.1 - CSS Template Unauthorized Access

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107486. PoCs published by rgod.

AI-analyzed exploit summary Gravity Board X (GBX) is vulnerable to an unauthorized access issue allowing attackers to modify CSS templates to include arbitrary PHP code, leading to remote code execution in the context of the web server.

Description

Gravity Board X 1.1 - CSS Template Unauthorized Access

Exploits (1)

exploitdb WRITEUP VERIFIED

by rgod · textwebappsphp

https://www.exploit-db.com/exploits/26111

View Code ZIP pw:eip

Gravity Board X (GBX) is vulnerable to an unauthorized access issue allowing attackers to modify CSS templates to include arbitrary PHP code, leading to remote code execution in the context of the web server.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Gravity Board X (GBX)

No auth needed

Prerequisites: Access to the application's template modification functionality

MITRE ATT&CK

T1210 - Exploitation of Remote Services T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026