EIP-2026-105150

PRE-CVE

am4ss 1.2 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105150. PoCs published by s3n4t00r.

AI-analyzed exploit summary The document describes multiple stored and reflected XSS vulnerabilities in am4ss 1.2, detailing steps to exploit them via user input fields and URL parameters. It provides specific endpoints and payload examples but lacks functional exploit code.

Description

am4ss 1.2 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by s3n4t00r · textwebappsphp

https://www.exploit-db.com/exploits/20198

View Code ZIP pw:eip

The document describes multiple stored and reflected XSS vulnerabilities in am4ss 1.2, detailing steps to exploit them via user input fields and URL parameters. It provides specific endpoints and payload examples but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: am4ss 1.2

Auth required

Prerequisites: User registration · Authentication · Access to specific endpoints

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026