EIP-2026-109637
PRE-CVEMultiple File Attachments Mail Form Pro 2.0 - Arbitrary File Upload
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-109637. PoCs published by EgoPL.
AI-analyzed exploit summary This exploit demonstrates an arbitrary file upload vulnerability in Multiple File Attachments Mail Form Pro v2, allowing attackers to upload a webshell due to insecure file permissions (777). The PoC highlights the vulnerable `upload.php` code and provides a simple mitigation.
Description
Multiple File Attachments Mail Form Pro 2.0 - Arbitrary File Upload
Exploits (1)
This exploit demonstrates an arbitrary file upload vulnerability in Multiple File Attachments Mail Form Pro v2, allowing attackers to upload a webshell due to insecure file permissions (777). The PoC highlights the vulnerable `upload.php` code and provides a simple mitigation.