EIP-2026-112733

The provided text describes a local file inclusion (LFI) and cross-site scripting (XSS) vulnerability in ToendaCMS 1.6.2. It includes a proof-of-concept URL demonstrating the LFI via directory traversal but lacks executable exploit code.