EIP-2026-100071
PRE-CVETaxiMonger for Android - 'name' HTML Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100071. PoCs published by Ismail Kaleem.
AI-analyzed exploit summary This exploit demonstrates an HTML injection vulnerability in TaxiMonger for Android, allowing arbitrary HTML and script execution in the browser context. The provided JavaScript payload redirects users to a malicious site upon execution.
Description
TaxiMonger for Android - 'name' HTML Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Ismail Kaleem · textremoteandroid
https://www.exploit-db.com/exploits/38586
This exploit demonstrates an HTML injection vulnerability in TaxiMonger for Android, allowing arbitrary HTML and script execution in the browser context. The provided JavaScript payload redirects users to a malicious site upon execution.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
TaxiMonger for Android 2.6.2 and 2.3.3
No auth needed
Prerequisites:
User interaction required to trigger the payload
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026