EIP-2026-113443

This exploit leverages a Local File Disclosure vulnerability in WinduCMS <= 3.1 by abusing a vulnerable PHPMailer version (5.2.1) through a contact form. It sends a crafted payload via a multipart form request to disclose local files (e.g., /etc/passwd).