Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-114602. PoCs published by Ariel Orellana.
AI-analyzed exploit summary This Python script exploits an information disclosure vulnerability in Zend Framework by fetching the 'application.ini' file, which may contain database credentials. It sends an HTTP request to the target URL and extracts configuration details using regex.
Description
Zend-Framework - Full Information Disclosure
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Ariel Orellana · pythonwebappsphp
https://www.exploit-db.com/exploits/29921
This Python script exploits an information disclosure vulnerability in Zend Framework by fetching the 'application.ini' file, which may contain database credentials. It sends an HTTP request to the target URL and extracts configuration details using regex.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Zend Framework (version not specified)
No auth needed
Prerequisites:
Target URL with exposed '/application/configs/application.ini'
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026