EIP-2026-111846

PRE-CVE

Ruubikcms 1.1.1 - 'tinybrowser.php?folder' Directory Traversal

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111846. PoCs published by expl0i13r.

AI-analyzed exploit summary The exploit demonstrates a path traversal vulnerability in ruubikcms v1.1.1 via the 'tinybrowser.php' file, allowing directory listing and folder creation on the server. The PoC includes specific URLs to exploit the vulnerability.

Description

Ruubikcms 1.1.1 - 'tinybrowser.php?folder' Directory Traversal

Exploits (1)

exploitdb WORKING POC VERIFIED

by expl0i13r · textwebappsphp

https://www.exploit-db.com/exploits/25973

View Code ZIP pw:eip

The exploit demonstrates a path traversal vulnerability in ruubikcms v1.1.1 via the 'tinybrowser.php' file, allowing directory listing and folder creation on the server. The PoC includes specific URLs to exploit the vulnerability.

Classification

Working Poc 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: ruubikcms v1.1.1

Auth required

Prerequisites: Valid user account credentials · Access to the 'tinybrowser.php' file

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026