EIP-2026-110808

PRE-CVE

PHP-Fusion 6.1.18 - Multiple Information Disclosure Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110808. PoCs published by Inj3ct0r.

AI-analyzed exploit summary The provided code describes information-disclosure vulnerabilities in PHP-Fusion, where attackers can exploit URI parameters to harvest sensitive information. The example URIs demonstrate how improper input handling can lead to data exposure.

Description

PHP-Fusion 6.1.18 - Multiple Information Disclosure Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Inj3ct0r · textwebappsphp

https://www.exploit-db.com/exploits/33189

View Code ZIP pw:eip

The provided code describes information-disclosure vulnerabilities in PHP-Fusion, where attackers can exploit URI parameters to harvest sensitive information. The example URIs demonstrate how improper input handling can lead to data exposure.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PHP-Fusion (version not specified)

No auth needed

Prerequisites: Access to the target application's URI endpoints

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026