EIP-2026-105164

PRE-CVE

amoeba CMS 1.01 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105164. PoCs published by mr_me.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in Amoeba CMS v1.01, including pre-auth and post-auth SQL injection, shell upload via file extension bypass, and logic flaws for password disclosure. The provided Python script automates blind SQL injection to extract database information and user credentials.

Description

amoeba CMS 1.01 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by mr_me · pythonwebappsphp

https://www.exploit-db.com/exploits/15893

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in Amoeba CMS v1.01, including pre-auth and post-auth SQL injection, shell upload via file extension bypass, and logic flaws for password disclosure. The provided Python script automates blind SQL injection to extract database information and user credentials.

Classification

Working Poc 95%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Amoeba CMS v1.01

No auth needed

Prerequisites: Network access to the target · Amoeba CMS v1.01 installation

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026