EIP-2026-112941

PRE-CVE

v2marketplacescript Upload_images Script (-7777) - Arbitrary File Upload

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112941. PoCs published by cyberlog.

AI-analyzed exploit summary This is a writeup describing an arbitrary file upload vulnerability in the v2marketplacescript software, allowing attackers to upload and execute malicious shell files. The exploit details the vulnerable endpoints and steps to exploit the flaw.

Description

v2marketplacescript Upload_images Script (-7777) - Arbitrary File Upload

Exploits (1)

exploitdb WRITEUP VERIFIED

by cyberlog · textwebappsphp

https://www.exploit-db.com/exploits/12315

View Code ZIP pw:eip

This is a writeup describing an arbitrary file upload vulnerability in the v2marketplacescript software, allowing attackers to upload and execute malicious shell files. The exploit details the vulnerable endpoints and steps to exploit the flaw.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: v2marketplacescript (version unspecified)

No auth needed

Prerequisites: Access to the vulnerable upload_test.php endpoint · Ability to craft a malicious shell file

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026