EIP-2026-108171

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108171. PoCs published by Nikola Petrov.

AI-analyzed exploit summary This exploit targets Joomla 1.5.12 by leveraging an unauthorized file upload vulnerability to upload a PHP shell, followed by a local file inclusion (LFI) vulnerability to execute the shell and establish a reverse connection. The exploit automates the process of discovering the web root and bypassing authentication via TinyBrowser plugin weaknesses.

Description

Joomla! 1.5.12 - Connect Back

Exploits (1)

exploitdb WORKING POC

by Nikola Petrov · phpwebappsphp

https://www.exploit-db.com/exploits/11262

View Code ZIP pw:eip

This exploit targets Joomla 1.5.12 by leveraging an unauthorized file upload vulnerability to upload a PHP shell, followed by a local file inclusion (LFI) vulnerability to execute the shell and establish a reverse connection. The exploit automates the process of discovering the web root and bypassing authentication via TinyBrowser plugin weaknesses.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Joomla 1.5.12

No auth needed

Prerequisites: Network access to the target Joomla instance · TinyBrowser plugin enabled · Outbound connectivity for reverse shell

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Joomla! 1.5.12 - Connect Back

Exploitation Summary

Description

Exploits (1)

Details