EIP-2026-100856

PRE-CVE

MetaDot Portal Server 5.6.x - 'index.pl' Multiple SQL Injections

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100856. PoCs published by JeiAr.

AI-analyzed exploit summary The provided text describes multiple input validation vulnerabilities in MetaDot Portal Server, including data corruption, information disclosure, and XSS. It lists specific query parameters that can be exploited but does not include functional exploit code.

Description

MetaDot Portal Server 5.6.x - 'index.pl' Multiple SQL Injections

Exploits (1)

exploitdb WRITEUP VERIFIED

by JeiAr · textwebappscgi

https://www.exploit-db.com/exploits/23548

View Code ZIP pw:eip

The provided text describes multiple input validation vulnerabilities in MetaDot Portal Server, including data corruption, information disclosure, and XSS. It lists specific query parameters that can be exploited but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Xss | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: MetaDot Portal Server (all versions)

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1059.007 - JavaScript T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026