EIP-2026-113325

PRE-CVE

WebJeff FileManager 1.6 - File Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113325. PoCs published by Adam Stephens.

AI-analyzed exploit summary This is a vulnerability writeup describing an arbitrary file disclosure vulnerability in Filemanager due to insufficient sanitization of URI parameters. The attacker can exploit this by specifying absolute paths in the 'fichier' parameter to disclose sensitive files like /etc/passwd.

Description

WebJeff FileManager 1.6 - File Disclosure

Exploits (1)

exploitdb WRITEUP VERIFIED

by Adam Stephens · textwebappsphp

https://www.exploit-db.com/exploits/22812

View Code ZIP pw:eip

This is a vulnerability writeup describing an arbitrary file disclosure vulnerability in Filemanager due to insufficient sanitization of URI parameters. The attacker can exploit this by specifying absolute paths in the 'fichier' parameter to disclose sensitive files like /etc/passwd.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Filemanager (version unspecified)

No auth needed

Prerequisites: Access to the vulnerable Filemanager web interface

MITRE ATT&CK

T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026