EIP-2026-100763
PRE-CVEBulletScript MailList - bsml.pl Information Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-100763. PoCs published by M0rf.
AI-analyzed exploit summary The provided text describes an information disclosure vulnerability in BulletScript MailList's 'bsml.pl' script, where the 'action' parameter may expose sensitive information. No actual exploit code is present, only a description and example URLs.
Description
BulletScript MailList - bsml.pl Information Disclosure
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by M0rf · textwebappscgi
https://www.exploit-db.com/exploits/23488
The provided text describes an information disclosure vulnerability in BulletScript MailList's 'bsml.pl' script, where the 'action' parameter may expose sensitive information. No actual exploit code is present, only a description and example URLs.
Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target:
BulletScript MailList (version unspecified)
No auth needed
Prerequisites:
Access to the vulnerable 'bsml.pl' script
MITRE ATT&CK
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026