EIP-2026-105571
PRE-CVEBo-Blog 2.1.1 - Cross-Site Scripting / SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-105571. PoCs published by Ashiyane Digital Security Team.
AI-analyzed exploit summary The provided text describes SQL injection and XSS vulnerabilities in Bo-Blog 2.1.1, with example URLs demonstrating the exploits. No actual exploit code is present, only descriptions and proof-of-concept URLs.
Description
Bo-Blog 2.1.1 - Cross-Site Scripting / SQL Injection
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Ashiyane Digital Security Team · textwebappsphp
https://www.exploit-db.com/exploits/38712
The provided text describes SQL injection and XSS vulnerabilities in Bo-Blog 2.1.1, with example URLs demonstrating the exploits. No actual exploit code is present, only descriptions and proof-of-concept URLs.
Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Reliable
Target:
Bo-Blog 2.1.1
No auth needed
Prerequisites:
Access to the vulnerable Bo-Blog instance
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026