CVE-2020-26052

MEDIUM

Online Marriage Registration System 1.0 - Stored Cross-Site Scripting

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-26052. PoCs published by that faceless coder.

AI-analyzed exploit summary The writeup describes a stored XSS vulnerability in Online Marriage Registration System 1.0, where user-supplied input is inserted into the database without proper sanitization and later rendered unsafely. The provided code snippet shows the vulnerable SQL insertion logic and highlights the lack of input validation.

Description

Online Marriage Registration System 1.0 is affected by stored cross-site scripting (XSS) vulnerabilities in multiple parameters.

Exploits (1)

exploitdb WRITEUP

by that faceless coder · textwebappsphp

https://www.exploit-db.com/exploits/48522

View Code ZIP pw:eip

The writeup describes a stored XSS vulnerability in Online Marriage Registration System 1.0, where user-supplied input is inserted into the database without proper sanitization and later rendered unsafely. The provided code snippet shows the vulnerable SQL insertion logic and highlights the lack of input validation.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Online Marriage Registration System 1.0

Auth required

Prerequisites: Access to the registration form · Ability to submit crafted input

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/48522

Scores

CVSS v3 5.4

EPSS 0.0068

EPSS Percentile 47.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

phpgurukul/online_marriage_registration_system 1.0

Published Feb 08, 2021

Tracked Since Feb 18, 2026