EIP-2026-113303

PRE-CVE

Webify (Multiple Products) - Multiple HTML Injection / Local File Inclusions

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113303. PoCs published by snup.

AI-analyzed exploit summary This is a vulnerability writeup describing multiple HTML injection and local file include vulnerabilities in various Webify products. It provides URLs for exploitation but does not include actual exploit code.

Description

Webify (Multiple Products) - Multiple HTML Injection / Local File Inclusions

Exploits (1)

exploitdb WRITEUP VERIFIED

by snup · textwebappsphp

https://www.exploit-db.com/exploits/37415

View Code ZIP pw:eip

This is a vulnerability writeup describing multiple HTML injection and local file include vulnerabilities in various Webify products. It provides URLs for exploitation but does not include actual exploit code.

Classification

Writeup 90%

Attack Type

Xss | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Webify eDownloads Cart, Webify eDownloads, Webify Project Manager, Webify Blog

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1059.007 - JavaScript T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026