EIP-2026-104938

PRE-CVE

AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-104938. PoCs published by Stefan Schurtz.

AI-analyzed exploit summary The provided text describes multiple XSS and information disclosure vulnerabilities in AdaptCMS 2.0.1 due to improper input sanitization. It includes example URLs demonstrating the vulnerabilities but does not contain executable exploit code.

Description

AdaptCMS 2.0.1 - Cross-Site Scripting / Information Disclosure

Exploits (1)

exploitdb WRITEUP VERIFIED

by Stefan Schurtz · textwebappsphp

https://www.exploit-db.com/exploits/36167

View Code ZIP pw:eip

The provided text describes multiple XSS and information disclosure vulnerabilities in AdaptCMS 2.0.1 due to improper input sanitization. It includes example URLs demonstrating the vulnerabilities but does not contain executable exploit code.

Classification

Writeup 90%

Attack Type

Xss | Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: AdaptCMS 2.0.1

No auth needed

Prerequisites: Access to the target application

MITRE ATT&CK

T1059.007 - JavaScript T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026