EIP-2026-100603

PRE-CVE

Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100603. PoCs published by BugReport.IR.

AI-analyzed exploit summary This is a detailed technical writeup describing multiple vulnerabilities in Virtual Support Office-XP, including SQL injection, XSS, and authentication bypass flaws. It provides specific exploit URLs and payloads for demonstration.

Description

Virtual Support Office XP 3.0.29 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by BugReport.IR · textwebappsasp

https://www.exploit-db.com/exploits/5869

View Code ZIP pw:eip

This is a detailed technical writeup describing multiple vulnerabilities in Virtual Support Office-XP, including SQL injection, XSS, and authentication bypass flaws. It provides specific exploit URLs and payloads for demonstration.

Classification

Writeup 95%

Attack Type

Sqli | Xss | Auth Bypass | Info Leak

Complexity

Moderate

Reliability

Reliable

Target: Virtual Support Office-XP versions 3.0.29, 3.0.27 and prior

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1055 - Process Injection

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026