EIP-2026-112127

PRE-CVE

Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112127. PoCs published by mAXzA.

AI-analyzed exploit summary This exploit targets sIMPLE php bLOG 0.5.0 by leveraging an arbitrary file upload vulnerability to achieve remote code execution. It automates the process of extracting user credentials, logging in, uploading a malicious PHP file disguised as an emoticon, and executing arbitrary PHP code.

Description

Simple PHP Blog (SPHPBlog) 0.5.1 - Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by mAXzA · phpwebappsphp

https://www.exploit-db.com/exploits/6311

View Code ZIP pw:eip

This exploit targets sIMPLE php bLOG 0.5.0 by leveraging an arbitrary file upload vulnerability to achieve remote code execution. It automates the process of extracting user credentials, logging in, uploading a malicious PHP file disguised as an emoticon, and executing arbitrary PHP code.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: sIMPLE php bLOG 0.5.0

Auth required

Prerequisites: Target URL with vulnerable sIMPLE php bLOG 0.5.0 installation · Network access to the target

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1505.003 - Web Shell

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026