EIP-2026-107796

PRE-CVE

Imageview - 'upload.php' Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107796. PoCs published by TUNISIAN CYBER.

AI-analyzed exploit summary The provided text describes an arbitrary file upload vulnerability in Imageview 6.x, which can lead to remote code execution due to insufficient input sanitization. It references specific upload endpoints but lacks exploit code or technical details.

Description

Imageview - 'upload.php' Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP VERIFIED

by TUNISIAN CYBER · textwebappsphp

https://www.exploit-db.com/exploits/39058

View Code ZIP pw:eip

The provided text describes an arbitrary file upload vulnerability in Imageview 6.x, which can lead to remote code execution due to insufficient input sanitization. It references specific upload endpoints but lacks exploit code or technical details.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Imageview 6.x

No auth needed

Prerequisites: Access to vulnerable upload endpoint

MITRE ATT&CK

T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026