EIP-2026-111827

PRE-CVE

RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111827. PoCs published by BugReport.IR.

AI-analyzed exploit summary This PHP script is a scanner that queries Yahoo! Search for RunCMS installations and checks for the presence of a vulnerable 'forum_config.php' file. It automates the process of identifying potential targets for a known vulnerability in RunCMS.

Description

RunCMS 1.6 - 'disclaimer.php' Remote File Overwrite

Exploits (1)

exploitdb SCANNER VERIFIED

by BugReport.IR · phpwebappsphp

https://www.exploit-db.com/exploits/4658

View Code ZIP pw:eip

This PHP script is a scanner that queries Yahoo! Search for RunCMS installations and checks for the presence of a vulnerable 'forum_config.php' file. It automates the process of identifying potential targets for a known vulnerability in RunCMS.

Classification

Scanner 90%

Attack Type

Info Leak

Complexity

Moderate

Reliability

Reliable

Target: RunCMS 1.6 Halloween, 1.5.x (and prior versions)

No auth needed

Prerequisites: Access to Yahoo! Search · Network connectivity to target hosts

MITRE ATT&CK

T1595 - Active Scanning

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026