EIP-2026-100108
PRE-CVEAppIntellect SpotLight CRM - 'login.asp' SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100108. PoCs published by ajann.
AI-analyzed exploit summary The exploit demonstrates an SQL injection vulnerability in AppIntellect SpotLight CRM's login.asp page. By injecting malicious SQL queries into the UserName field, an attacker can manipulate the database, such as resetting passwords or usernames.
Description
AppIntellect SpotLight CRM - 'login.asp' SQL Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by ajann · textwebappsasp
https://www.exploit-db.com/exploits/29271
The exploit demonstrates an SQL injection vulnerability in AppIntellect SpotLight CRM's login.asp page. By injecting malicious SQL queries into the UserName field, an attacker can manipulate the database, such as resetting passwords or usernames.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
AppIntellect SpotLight CRM
No auth needed
Prerequisites:
Access to the login.asp page
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026