EIP-2026-104309
PRE-CVELocatePC 1.05 (Ligatt Version + Others) - SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104309. PoCs published by anonymous.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in LocatePC 1.05, allowing arbitrary SELECT queries against the LocatePC and 'mysql' databases. The PoC sends a maliciously crafted XML request to the API endpoint, extracting sensitive user data such as usernames, MAC addresses, and last login IPs.
Description
LocatePC 1.05 (Ligatt Version + Others) - SQL Injection
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in LocatePC 1.05, allowing arbitrary SELECT queries against the LocatePC and 'mysql' databases. The PoC sends a maliciously crafted XML request to the API endpoint, extracting sensitive user data such as usernames, MAC addresses, and last login IPs.