EIP-2026-100224

This exploit demonstrates an authentication bypass vulnerability in Comersus Shopping Cart v6 by allowing an attacker to modify user account details, including email and password, without proper authorization. The PoC provides an HTML form that submits modified user data directly to the vulnerable endpoint.