EIP-2026-111760

PRE-CVE

Resumes Management and Job Application Website 1.0 - RCE (Unauthenticated)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111760. PoCs published by Arnav Tripathy.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated remote code execution (RCE) vulnerability in Resumes Management and Job Application Website 1.0 by uploading a malicious PHP file (rce.php) via the resume file upload feature. The exploit leverages improper file upload validation to execute arbitrary commands on the server.

Description

Resumes Management and Job Application Website 1.0 - RCE (Unauthenticated)

Exploits (1)

exploitdb WORKING POC

by Arnav Tripathy · textwebappsphp

https://www.exploit-db.com/exploits/49380

View Code ZIP pw:eip

This exploit demonstrates an unauthenticated remote code execution (RCE) vulnerability in Resumes Management and Job Application Website 1.0 by uploading a malicious PHP file (rce.php) via the resume file upload feature. The exploit leverages improper file upload validation to execute arbitrary commands on the server.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Resumes Management and Job Application Website 1.0

No auth needed

Prerequisites: Access to the file upload functionality · Server running the vulnerable software

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026