EIP-2026-100625

PRE-CVE

Web Wiz Site News 3.6 - Information Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100625. PoCs published by drG4njubas.

AI-analyzed exploit summary This is a technical writeup describing an information disclosure vulnerability in Web Wiz Site News. The vulnerability allows an attacker to download the underlying Access database file (news.mdb) containing plaintext administration credentials.

Description

Web Wiz Site News 3.6 - Information Disclosure

Exploits (1)

exploitdb WRITEUP VERIFIED

by drG4njubas · textwebappsasp

https://www.exploit-db.com/exploits/22487

View Code ZIP pw:eip

This is a technical writeup describing an information disclosure vulnerability in Web Wiz Site News. The vulnerability allows an attacker to download the underlying Access database file (news.mdb) containing plaintext administration credentials.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Web Wiz Site News 3.06 (and possibly earlier versions)

No auth needed

Prerequisites: Access to the target web server

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026