EIP-2026-104916

PRE-CVE

ACollab - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104916. PoCs published by AmnPardaz.

AI-analyzed exploit summary This document describes SQL injection and authentication bypass vulnerabilities in ACollab 1.2. It provides exploitation vectors for both issues, including SQL injection via the 'login' and 'password' parameters and an authentication bypass using a crafted username.

Description

ACollab - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by AmnPardaz · textwebappsphp

https://www.exploit-db.com/exploits/14640

View Code ZIP pw:eip

This document describes SQL injection and authentication bypass vulnerabilities in ACollab 1.2. It provides exploitation vectors for both issues, including SQL injection via the 'login' and 'password' parameters and an authentication bypass using a crafted username.

Classification

Writeup 90%

Attack Type

Sqli | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: ACollab 1.2

No auth needed

Prerequisites: Access to the sign_in.php page

MITRE ATT&CK

T1189 - Drive-by Compromise T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026