EIP-2026-105514

PRE-CVE

blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105514. PoCs published by Salvatore Fresta.

AI-analyzed exploit summary This exploit demonstrates SQL injection, authentication bypass, and local file inclusion vulnerabilities in BlindBlog 1.3.1. It includes functional PoC code for each vulnerability, with clear technical details and attack vectors.

Description

blindblog 1.3.1 - SQL Injection / Authentication Bypass / Local File Inclusion

Exploits (1)

exploitdb WORKING POC VERIFIED

by Salvatore Fresta · textwebappsphp

https://www.exploit-db.com/exploits/8141

View Code ZIP pw:eip

This exploit demonstrates SQL injection, authentication bypass, and local file inclusion vulnerabilities in BlindBlog 1.3.1. It includes functional PoC code for each vulnerability, with clear technical details and attack vectors.

Classification

Working Poc 95%

Attack Type

Sqli | Auth Bypass | Info Leak

Complexity

Trivial

Reliability

Reliable

Target: BlindBlog 1.3.1

No auth needed

Prerequisites: magic_quotes_gpc = off

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1005 - Data from Local System

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026