EIP-2026-110697

PRE-CVE

PHP File Sharing System 1.5.1 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110697. PoCs published by blake.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in PHP File Sharing System 1.5.1, including XSS, directory traversal, arbitrary file upload leading to RCE, and file deletion via request interception. The PoC provides clear examples of malicious HTTP requests and file upload techniques.

Description

PHP File Sharing System 1.5.1 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by blake · textwebappsphp

https://www.exploit-db.com/exploits/11660

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in PHP File Sharing System 1.5.1, including XSS, directory traversal, arbitrary file upload leading to RCE, and file deletion via request interception. The PoC provides clear examples of malicious HTTP requests and file upload techniques.

Classification

Working Poc 90%

Attack Type

Xss | Info Leak | Auth Bypass | Other

Complexity

Trivial

Reliability

Reliable

Target: PHP File Sharing System 1.5.1

No auth needed

Prerequisites: Network access to the target application · Ability to intercept and modify HTTP requests

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026