EIP-2026-111895

PRE-CVE

sar2html 3.2.1 - 'plot' Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111895. PoCs published by Musyoka Ian.

AI-analyzed exploit summary This exploit targets a command injection vulnerability in sar2html 3.2.1 via the 'plot' parameter in index.php. It allows remote code execution by appending commands to the parameter and parsing the output.

Description

sar2html 3.2.1 - 'plot' Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Musyoka Ian · pythonwebappsphp

https://www.exploit-db.com/exploits/49344

View Code ZIP pw:eip

This exploit targets a command injection vulnerability in sar2html 3.2.1 via the 'plot' parameter in index.php. It allows remote code execution by appending commands to the parameter and parsing the output.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: sar2html 3.2.1

No auth needed

Prerequisites: Network access to the target application · sar2html 3.2.1 installed and running

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026