EIP-2026-113201

PRE-CVE

Weatimages - Directory Traversal / Local File Inclusion

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113201. PoCs published by e.wiZz.

AI-analyzed exploit summary The writeup describes a directory traversal vulnerability in Weatimages, where the application fails to properly sanitize user input in the 'path' parameter, allowing attackers to access files outside the intended directory. The vulnerability is demonstrated with example URLs for both Linux and Windows systems.

Description

Weatimages - Directory Traversal / Local File Inclusion

Exploits (1)

exploitdb WRITEUP VERIFIED

by e.wiZz · textwebappsphp

https://www.exploit-db.com/exploits/10846

View Code ZIP pw:eip

The writeup describes a directory traversal vulnerability in Weatimages, where the application fails to properly sanitize user input in the 'path' parameter, allowing attackers to access files outside the intended directory. The vulnerability is demonstrated with example URLs for both Linux and Windows systems.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Weatimages (version not specified)

No auth needed

Prerequisites: Access to the vulnerable application

MITRE ATT&CK

T1006 - Direct Volume Access

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026