EIP-2026-111018
PRE-CVEPHPCollab 2.5 - 'uploadfile.php' Crafted Request Arbitrary Non-PHP File Upload
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111018. PoCs published by team ' & 1=1--.
AI-analyzed exploit summary This exploit demonstrates an arbitrary file upload vulnerability in phpCollab 2.5, allowing attackers to upload and execute arbitrary code by bypassing authentication and file type restrictions. The PoC includes a crafted HTTP POST request with a multipart form to upload a malicious file.
Description
PHPCollab 2.5 - 'uploadfile.php' Crafted Request Arbitrary Non-PHP File Upload
Exploits (1)
This exploit demonstrates an arbitrary file upload vulnerability in phpCollab 2.5, allowing attackers to upload and execute arbitrary code by bypassing authentication and file type restrictions. The PoC includes a crafted HTTP POST request with a multipart form to upload a malicious file.