EIP-2026-104974
PRE-CVEAdvanced Electron Forum 1.0.9 - Cross-Site Request Forgery
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104974. PoCs published by hyp3rlinx.
AI-analyzed exploit summary This exploit demonstrates multiple CSRF vulnerabilities in Advanced Electron Forum v1.0.9, allowing attackers to perform actions such as changing database settings, deleting emails, shouts, and topics on behalf of an authenticated user.
Description
Advanced Electron Forum 1.0.9 - Cross-Site Request Forgery
Exploits (1)
exploitdb
WORKING POC
by hyp3rlinx · textwebappsphp
https://www.exploit-db.com/exploits/39261
This exploit demonstrates multiple CSRF vulnerabilities in Advanced Electron Forum v1.0.9, allowing attackers to perform actions such as changing database settings, deleting emails, shouts, and topics on behalf of an authenticated user.
Classification
Working Poc 100%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:
Advanced Electron Forum v1.0.9
Auth required
Prerequisites:
Victim must be authenticated and visit a malicious link or page
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026