EIP-2026-100398

PRE-CVE

Lotfian Request For Travel 1.0 - 'ProductDetails.asp' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100398. PoCs published by ajann.

AI-analyzed exploit summary The exploit demonstrates an SQL injection vulnerability in 'Request For Travel' software version 1.0. It provides two example URLs that manipulate the 'gtsNews' table by injecting SQL commands to update news titles.

Description

Lotfian Request For Travel 1.0 - 'ProductDetails.asp' SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED

by ajann · textwebappsasp

https://www.exploit-db.com/exploits/29276

View Code ZIP pw:eip

The exploit demonstrates an SQL injection vulnerability in 'Request For Travel' software version 1.0. It provides two example URLs that manipulate the 'gtsNews' table by injecting SQL commands to update news titles.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Request For Travel 1.0

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1105 - Ingress Tool Transfer

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026