EIP-2026-112856
PRE-CVEUebimiau Webmail 3.2.0-2.0 - Local File Inclusion
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-112856. PoCs published by blake.
AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Uebimiau Webmail 3.2.0-2.0. The 'stage' parameter in the admin/install/index.php script is not properly sanitized, allowing an attacker to traverse directories and include arbitrary files (e.g., boot.ini) via path traversal sequences.
Description
Uebimiau Webmail 3.2.0-2.0 - Local File Inclusion
Exploits (1)
This exploit demonstrates a Local File Inclusion (LFI) vulnerability in Uebimiau Webmail 3.2.0-2.0. The 'stage' parameter in the admin/install/index.php script is not properly sanitized, allowing an attacker to traverse directories and include arbitrary files (e.g., boot.ini) via path traversal sequences.