EIP-2026-104671

PRE-CVE

PHP Captcha Security Images - Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104671. PoCs published by cp77fk4r.

AI-analyzed exploit summary This exploit demonstrates a Denial of Service (DoS) vulnerability in CaptchaSecurityImages.php by manipulating the width, height, and characters parameters via GET requests, causing excessive resource consumption. The vulnerability arises from unvalidated user input directly influencing resource allocation.

Description

PHP Captcha Security Images - Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by cp77fk4r · textdosphp

https://www.exploit-db.com/exploits/11397

View Code ZIP pw:eip

This exploit demonstrates a Denial of Service (DoS) vulnerability in CaptchaSecurityImages.php by manipulating the width, height, and characters parameters via GET requests, causing excessive resource consumption. The vulnerability arises from unvalidated user input directly influencing resource allocation.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: CaptchaSecurityImages.php (version not specified)

No auth needed

Prerequisites: Access to the target web application with CaptchaSecurityImages.php endpoint

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026