EIP-2026-110861

PRE-CVE

PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110861. PoCs published by Dcrab.

AI-analyzed exploit summary The exploit demonstrates an HTTP response splitting vulnerability in PHP-Nuke 7.6 by injecting CRLF sequences and arbitrary HTML content via the 'forwarder' parameter in the Surveys module. This allows an attacker to manipulate HTTP responses, potentially leading to cache poisoning or cross-site scripting attacks.

Description

PHP-Nuke 7.6 Surveys Module - HTTP Response Splitting

Exploits (1)

exploitdb WORKING POC VERIFIED

by Dcrab · textwebappsphp

https://www.exploit-db.com/exploits/25430

View Code ZIP pw:eip

The exploit demonstrates an HTTP response splitting vulnerability in PHP-Nuke 7.6 by injecting CRLF sequences and arbitrary HTML content via the 'forwarder' parameter in the Surveys module. This allows an attacker to manipulate HTTP responses, potentially leading to cache poisoning or cross-site scripting attacks.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: PHP-Nuke 7.6

No auth needed

Prerequisites: Access to the target PHP-Nuke instance · Surveys module enabled

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026