EIP-2026-104678

PRE-CVE

PHPMyLicense 3.0.0 < 3.1.4 - Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104678. PoCs published by Aria Akhavan Rezayat.

AI-analyzed exploit summary This is a writeup describing a stored XSS vulnerability in PHPMyLicense versions 3.0.0 to 3.1.4. The exploit involves sending a malicious POST request to the ajax endpoint, which lacks proper input filtering.

Description

PHPMyLicense 3.0.0 < 3.1.4 - Denial of Service

Exploits (1)

exploitdb WRITEUP

by Aria Akhavan Rezayat · textdosphp

https://www.exploit-db.com/exploits/38442

View Code ZIP pw:eip

This is a writeup describing a stored XSS vulnerability in PHPMyLicense versions 3.0.0 to 3.1.4. The exploit involves sending a malicious POST request to the ajax endpoint, which lacks proper input filtering.

Classification

Writeup 80%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: PHPMyLicense 3.0.0 - 3.1.4

Auth required

Prerequisites: Registered user access

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026