EIP-2026-111769

PRE-CVE

rgboard 4 5p1 (07.07.27) - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111769. PoCs published by make0day.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in rgboard v4 (07.07.27), including XSS, LFI, and RFI. The XSS vulnerability allows cookie theft, while the LFI and RFI vulnerabilities enable file inclusion attacks. The provided PoC includes a script to change a user's password to '12345' via XSS.

Description

rgboard 4 5p1 (07.07.27) - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by make0day · textwebappsphp

https://www.exploit-db.com/exploits/7978

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in rgboard v4 (07.07.27), including XSS, LFI, and RFI. The XSS vulnerability allows cookie theft, while the LFI and RFI vulnerabilities enable file inclusion attacks. The provided PoC includes a script to change a user's password to '12345' via XSS.

Classification

Working Poc 90%

Attack Type

Xss | Lfi | Rfi

Complexity

Moderate

Reliability

Reliable

Target: rgboard v4 (07.07.27)

No auth needed

Prerequisites: Access to the target application · Ability to inject malicious scripts or URLs

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026