EIP-2026-108212

PRE-CVE

Joomla! Component Article Factory Manager - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108212. PoCs published by Sid3^effects.

AI-analyzed exploit summary The document describes an upload vulnerability in Article Factory Manager for Joomla, allowing authenticated users to upload malicious files via the 'Submit new article' feature. It provides steps to exploit the vulnerability but lacks functional exploit code.

Description

Joomla! Component Article Factory Manager - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP

by Sid3^effects · textwebappsphp

https://www.exploit-db.com/exploits/12539

View Code ZIP pw:eip

The document describes an upload vulnerability in Article Factory Manager for Joomla, allowing authenticated users to upload malicious files via the 'Submit new article' feature. It provides steps to exploit the vulnerability but lacks functional exploit code.

Classification

Writeup 80%

Attack Type

Rce

Complexity

Trivial

Reliability

Theoretical

Target: Article Factory Manager (Joomla component)

Auth required

Prerequisites: Authenticated user access · Submit new article permission

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026