EIP-2026-111062

PRE-CVE

phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111062. PoCs published by Anarchy Angel.

AI-analyzed exploit summary This writeup describes multiple vulnerabilities in PHPg 1.6, including XSS, path disclosure, and DoS. It provides URLs and methods to exploit these vulnerabilities but does not include executable code.

Description

phpg 1.6 - Cross-Site Scripting / Full Path Disclosure / Denial of Service

Exploits (1)

exploitdb WRITEUP VERIFIED

by Anarchy Angel · textwebappsphp

https://www.exploit-db.com/exploits/7540

View Code ZIP pw:eip

This writeup describes multiple vulnerabilities in PHPg 1.6, including XSS, path disclosure, and DoS. It provides URLs and methods to exploit these vulnerabilities but does not include executable code.

Classification

Writeup 90%

Attack Type

Xss | Dos | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: PHPg 1.6

No auth needed

Prerequisites: Access to the target application

MITRE ATT&CK

T1059.007 - JavaScript T1499.004 - Application or System Exploitation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026