EIP-2026-112446

PRE-CVE

Strawberry 1.1.1 - 'html.php' Remote Code Execution

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112446. PoCs published by Eugene Minaev.

AI-analyzed exploit summary This exploit leverages a remote code execution vulnerability in Strawberry by injecting malicious PHP code via the 'text' and 's' parameters in the highlight plugin. The payload uses PHP's eval function to include and execute a remote shell script.

Description

Strawberry 1.1.1 - 'html.php' Remote Code Execution

Exploits (1)

exploitdb WORKING POC VERIFIED

by Eugene Minaev · textwebappsphp

https://www.exploit-db.com/exploits/30992

View Code ZIP pw:eip

This exploit leverages a remote code execution vulnerability in Strawberry by injecting malicious PHP code via the 'text' and 's' parameters in the highlight plugin. The payload uses PHP's eval function to include and execute a remote shell script.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Strawberry (version not specified)

No auth needed

Prerequisites: Network access to the vulnerable Strawberry instance · Ability to host a remote shell script on an attacker-controlled server

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026