EIP-2026-117114

PRE-CVE

EasyPHP 3.0 - Arbitrary Modify Configuration File

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117114. PoCs published by Zigma.

AI-analyzed exploit summary The exploit demonstrates an arbitrary file modification vulnerability in EasyPHP 2.0 due to improper input validation in the 'lang' parameter, allowing an attacker to overwrite the EasyPHP.ini configuration file via a null-byte injection.

Description

EasyPHP 3.0 - Arbitrary Modify Configuration File

Exploits (1)

exploitdb WORKING POC VERIFIED

by Zigma · textlocalwindows

https://www.exploit-db.com/exploits/8657

View Code ZIP pw:eip

The exploit demonstrates an arbitrary file modification vulnerability in EasyPHP 2.0 due to improper input validation in the 'lang' parameter, allowing an attacker to overwrite the EasyPHP.ini configuration file via a null-byte injection.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: EasyPHP 2.0

No auth needed

Prerequisites: EasyPHP 2.0 installed and running on a Windows system

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026