EIP-2026-109904
PRE-CVENew-CMS 1.08 - Multiple Local File Inclusion / HTML Injection Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-109904. PoCs published by Alberto Fontanella.
AI-analyzed exploit summary The provided text describes multiple local file-include vulnerabilities and an HTML-Injection vulnerability in New-CMS 1.08. It outlines how an attacker can exploit these vulnerabilities using directory-traversal strings to execute arbitrary scripts and perform HTML injection.
Description
New-CMS 1.08 - Multiple Local File Inclusion / HTML Injection Vulnerabilities
Exploits (1)
The provided text describes multiple local file-include vulnerabilities and an HTML-Injection vulnerability in New-CMS 1.08. It outlines how an attacker can exploit these vulnerabilities using directory-traversal strings to execute arbitrary scripts and perform HTML injection.