EIP-2026-114517

PRE-CVE

Yellow Duck Framework 2.0 Beta1 - Local File Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114517. PoCs published by L3b-r1'z.

AI-analyzed exploit summary This is a vulnerability writeup describing a local file disclosure vulnerability in the Yellow Duck Framework. The issue arises from inadequate input validation, allowing attackers to read local files via path traversal.

Description

Yellow Duck Framework 2.0 Beta1 - Local File Disclosure

Exploits (1)

exploitdb WRITEUP VERIFIED

by L3b-r1'z · textwebappsphp

https://www.exploit-db.com/exploits/37314

View Code ZIP pw:eip

This is a vulnerability writeup describing a local file disclosure vulnerability in the Yellow Duck Framework. The issue arises from inadequate input validation, allowing attackers to read local files via path traversal.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: Yellow Duck Framework Beta1 2.0

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026