EIP-2026-108514

PRE-CVE

Joomla! Component com_remository - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108514. PoCs published by J3yk0ob.

AI-analyzed exploit summary This is a writeup describing a remote file upload vulnerability in Joomla's com_remository component, allowing attackers to upload arbitrary PHP files. The steps outline how to exploit the vulnerability to achieve remote code execution (RCE).

Description

Joomla! Component com_remository - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP

by J3yk0ob · textwebappsphp

https://www.exploit-db.com/exploits/14811

View Code ZIP pw:eip

This is a writeup describing a remote file upload vulnerability in Joomla's com_remository component, allowing attackers to upload arbitrary PHP files. The steps outline how to exploit the vulnerability to achieve remote code execution (RCE).

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Joomla com_remository component

Auth required

Prerequisites: User registration on the target site · Access to the com_remository component

MITRE ATT&CK

T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026