EIP-2026-102474

PRE-CVE

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102474. PoCs published by LiquidWorm.

AI-analyzed exploit summary This exploit demonstrates a Server-Side Request Forgery (SSRF) vulnerability in DALIM SOFTWARE ES Core 5.0 build 7184.1. The vulnerability allows an attacker to force the application to make HTTP requests to arbitrary destinations by manipulating the 'screen' parameter in the XUI servlet.

Description

DALIM SOFTWARE ES Core 5.0 build 7184.1 - Server-Side Request Forgery

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textwebappsjsp

https://www.exploit-db.com/exploits/42439

View Code ZIP pw:eip

This exploit demonstrates a Server-Side Request Forgery (SSRF) vulnerability in DALIM SOFTWARE ES Core 5.0 build 7184.1. The vulnerability allows an attacker to force the application to make HTTP requests to arbitrary destinations by manipulating the 'screen' parameter in the XUI servlet.

Classification

Working Poc 90%

Attack Type

Ssrf

Complexity

Trivial

Reliability

Reliable

Target: DALIM SOFTWARE ES Core 5.0 build 7184.1 and earlier versions

No auth needed

Prerequisites: Network access to the DALIM Web Service management interface

MITRE ATT&CK

T1083 - File and Directory Discovery T1135 - Network Share Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026