EIP-2026-100709

PRE-CVE

GTChat 0.95 Alpha - 'adduser' Remote Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100709. PoCs published by VTECin5th.

AI-analyzed exploit summary This Perl script automates the creation of multiple user accounts in GTChat 0.95 by sending HTTP GET requests to the vulnerable registration endpoint. It bypasses authentication by directly crafting registration parameters, demonstrating an authentication bypass vulnerability.

Description

GTChat 0.95 Alpha - 'adduser' Remote Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by VTECin5th · perldoscgi

https://www.exploit-db.com/exploits/1175

View Code ZIP pw:eip

This Perl script automates the creation of multiple user accounts in GTChat 0.95 by sending HTTP GET requests to the vulnerable registration endpoint. It bypasses authentication by directly crafting registration parameters, demonstrating an authentication bypass vulnerability.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: GTChat 0.95

No auth needed

Prerequisites: Network access to the target server · GTChat 0.95 installation with exposed registration endpoint

MITRE ATT&CK

T1110.001 - Password Guessing

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026