EIP-2026-108163
PRE-CVEJoomla! / Mambo Component eXtplorer - Code Execution
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-108163. PoCs published by Juan Galiana Lara.
AI-analyzed exploit summary This exploit demonstrates a local file inclusion (LFI) and directory traversal vulnerability in eXtplorer due to insufficient sanitization of the 'lang' parameter. It allows remote code execution by including uploaded malicious PHP files or reading sensitive files like /etc/passwd.
Description
Joomla! / Mambo Component eXtplorer - Code Execution
Exploits (1)
This exploit demonstrates a local file inclusion (LFI) and directory traversal vulnerability in eXtplorer due to insufficient sanitization of the 'lang' parameter. It allows remote code execution by including uploaded malicious PHP files or reading sensitive files like /etc/passwd.