EIP-2026-100219
PRE-CVEComersus Backoffice 4.x/5.0/6.0 - '/comersus/database/comersus.mdb' Direct Request Database Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100219. PoCs published by _6mO_HaCk.
AI-analyzed exploit summary This Perl script exploits multiple vulnerabilities in Comersus BackOfficePlus and BackOfficeLite, including SQL injection for authentication bypass, information disclosure via direct database access, and XSS. It automates checks for these vulnerabilities and includes a brute-force attack capability.
Description
Comersus Backoffice 4.x/5.0/6.0 - '/comersus/database/comersus.mdb' Direct Request Database Disclosure
Exploits (1)
This Perl script exploits multiple vulnerabilities in Comersus BackOfficePlus and BackOfficeLite, including SQL injection for authentication bypass, information disclosure via direct database access, and XSS. It automates checks for these vulnerabilities and includes a brute-force attack capability.