EIP-2026-109986

PRE-CVE

Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109986. PoCs published by KedAns-Dz.

AI-analyzed exploit summary The provided text describes local file inclusion (LFI) and SQL injection vulnerabilities in Nuke Evolution Xtreme 2.0. It includes example URLs demonstrating directory traversal and SQLi attacks but lacks executable exploit code.

Description

Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection

Exploits (1)

exploitdb WRITEUP VERIFIED

by KedAns-Dz · textwebappsphp

https://www.exploit-db.com/exploits/35653

View Code ZIP pw:eip

The provided text describes local file inclusion (LFI) and SQL injection vulnerabilities in Nuke Evolution Xtreme 2.0. It includes example URLs demonstrating directory traversal and SQLi attacks but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Sqli | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Nuke Evolution Xtreme 2.0

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026