EIP-2026-102498

PRE-CVE

ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-102498. PoCs published by Nahuel Grisolia.

AI-analyzed exploit summary The exploit demonstrates a SQL injection vulnerability in Manage Engine Service Desk Plus 7.6 via the 'woID' parameter in WorkOrder.do. It includes functional payloads for MySQL and MSSQL environments, enabling arbitrary SQL execution, file reads, and command execution via xp_cmdshell.

Description

ManageEngine ServiceDesk Plus 7.6 - woID SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nahuel Grisolia · textwebappsjsp

https://www.exploit-db.com/exploits/11793

View Code ZIP pw:eip

The exploit demonstrates a SQL injection vulnerability in Manage Engine Service Desk Plus 7.6 via the 'woID' parameter in WorkOrder.do. It includes functional payloads for MySQL and MSSQL environments, enabling arbitrary SQL execution, file reads, and command execution via xp_cmdshell.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Manage Engine Service Desk Plus 7.6

Auth required

Prerequisites: Access to the WorkOrder.do endpoint · Valid authentication credentials

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026