EIP-2026-118448
PRE-CVEdwebpro 6.8.26 - Directory Traversal / File Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-118448. PoCs published by Alfons Luja.
AI-analyzed exploit summary This exploit demonstrates directory traversal and file disclosure vulnerabilities in dWebPro v6.8.26 via path manipulation and Alternative Data Streams (ADS). The PoC includes URLs to traverse directories and access arbitrary files within the DOCUMENT_ROOT.
Description
dwebpro 6.8.26 - Directory Traversal / File Disclosure
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Alfons Luja · textremotewindows
https://www.exploit-db.com/exploits/8537
This exploit demonstrates directory traversal and file disclosure vulnerabilities in dWebPro v6.8.26 via path manipulation and Alternative Data Streams (ADS). The PoC includes URLs to traverse directories and access arbitrary files within the DOCUMENT_ROOT.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
dWebPro v6.8.26
No auth needed
Prerequisites:
Access to the target web server
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026