EIP-2026-108199

PRE-CVE

Joomla! Component Almond Classifieds - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108199. PoCs published by DevilScreaM.

AI-analyzed exploit summary The provided text describes a file upload vulnerability in the Almond Classifieds Component for Joomla, which allows arbitrary file uploads due to insufficient input sanitization. This can lead to arbitrary code execution within the context of the vulnerable application.

Description

Joomla! Component Almond Classifieds - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP VERIFIED

by DevilScreaM · textwebappsphp

https://www.exploit-db.com/exploits/39016

View Code ZIP pw:eip

The provided text describes a file upload vulnerability in the Almond Classifieds Component for Joomla, which allows arbitrary file uploads due to insufficient input sanitization. This can lead to arbitrary code execution within the context of the vulnerable application.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Almond Classifieds Component for Joomla

No auth needed

Prerequisites: Access to the vulnerable Joomla component

MITRE ATT&CK

T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026