Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-120683. PoCs published by red.
AI-analyzed exploit summary This exploit demonstrates a Remote Code Execution (RCE) vulnerability in WBCE CMS 1.6.4 via the Droplets module. Authenticated attackers with admin privileges can inject arbitrary PHP code, leading to system compromise.
Description
WBCE CMS 1.6.4 - Remote Code Execution
Exploits (1)
exploitdb
WORKING POC
by red · textwebappsmultiple
https://www.exploit-db.com/exploits/52489
This exploit demonstrates a Remote Code Execution (RCE) vulnerability in WBCE CMS 1.6.4 via the Droplets module. Authenticated attackers with admin privileges can inject arbitrary PHP code, leading to system compromise.
Classification
Working Poc 95%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:
WBCE CMS v1.6.4
Auth required
Prerequisites:
admin credentials · access to the Droplets module
MITRE ATT&CK
mistral-large-3 · analyzed May 19, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
May 05, 2026