EIP-2026-109978
PRE-CVENucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - 'Common.php' Remote File Inclusion
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-109978. PoCs published by Radek Hulan.
AI-analyzed exploit summary The provided text describes a remote file inclusion vulnerability in Nucleus CMS, Blog:CMS, and PunBB due to insufficient sanitization of input passed to the 'common.php' script. The vulnerability allows an attacker to include and execute arbitrary code from a remote server.
Description
Nucleus CMS 3.0 / Blog:CMS 3 / PunBB 1.x - 'Common.php' Remote File Inclusion
Exploits (1)
The provided text describes a remote file inclusion vulnerability in Nucleus CMS, Blog:CMS, and PunBB due to insufficient sanitization of input passed to the 'common.php' script. The vulnerability allows an attacker to include and execute arbitrary code from a remote server.