EIP-2026-113308

PRE-CVE

Webify Photo Gallery - Arbitrary File Deletion

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113308. PoCs published by JIKO.

AI-analyzed exploit summary This is a technical writeup describing an arbitrary file deletion vulnerability in Webify photo gallery. The exploit allows deletion of files in the uploads directory by manipulating the post number in the URL.

Description

Webify Photo Gallery - Arbitrary File Deletion

Exploits (1)

exploitdb WRITEUP VERIFIED

by JIKO · textwebappsphp

https://www.exploit-db.com/exploits/21271

View Code ZIP pw:eip

This is a technical writeup describing an arbitrary file deletion vulnerability in Webify photo gallery. The exploit allows deletion of files in the uploads directory by manipulating the post number in the URL.

Classification

Writeup 80%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Webify photo gallery

No auth needed

Prerequisites: Access to the target server's photogallery uploads directory

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026