EIP-2026-109243

PRE-CVE

Magic Uploader Mini - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109243. PoCs published by indoushka.

AI-analyzed exploit summary This is a writeup describing an arbitrary file upload vulnerability in Magic Uploader Mini. It provides instructions on how to exploit the vulnerability using Tamper Data to upload files and access them via the uploads directory.

Description

Magic Uploader Mini - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP VERIFIED

by indoushka · textwebappsphp

https://www.exploit-db.com/exploits/12226

View Code ZIP pw:eip

This is a writeup describing an arbitrary file upload vulnerability in Magic Uploader Mini. It provides instructions on how to exploit the vulnerability using Tamper Data to upload files and access them via the uploads directory.

Classification

Writeup 90%

Attack Type

Other

Complexity

Trivial

Reliability

Theoretical

Target: Magic Uploader Mini

No auth needed

Prerequisites: Access to the target application · Tamper Data or similar tool for request manipulation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026