EIP-2026-109200

PRE-CVE

Log1 CMS 2.0 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109200. PoCs published by Aodrulez.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Log1 CMS 2.0, including arbitrary file renaming and sensitive information disclosure via 'config.php'. It uses Perl to automate the attack, fetching admin credentials and triggering a DoS condition.

Description

Log1 CMS 2.0 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC

by Aodrulez · textwebappsphp

https://www.exploit-db.com/exploits/16969

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Log1 CMS 2.0, including arbitrary file renaming and sensitive information disclosure via 'config.php'. It uses Perl to automate the attack, fetching admin credentials and triggering a DoS condition.

Classification

Working Poc 95%

Attack Type

Info Leak | Dos

Complexity

Trivial

Reliability

Reliable

Target: Log1 CMS 2.0

No auth needed

Prerequisites: Target running Log1 CMS 2.0 · Network access to the web application

MITRE ATT&CK

T1083 - File and Directory Discovery T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026