EIP-2026-105901

PRE-CVE

Clever Copy 2.0 - Private Message Unauthorized Access

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105901. PoCs published by Lostmon.

AI-analyzed exploit summary This exploit demonstrates an unauthorized access vulnerability in Clever Copy, allowing an attacker to view or delete arbitrary private messages by manipulating the 'ID' and 'user' parameters in the URL.

Description

Clever Copy 2.0 - Private Message Unauthorized Access

Exploits (1)

exploitdb WORKING POC VERIFIED

by Lostmon · textwebappsphp

https://www.exploit-db.com/exploits/26043

View Code ZIP pw:eip

This exploit demonstrates an unauthorized access vulnerability in Clever Copy, allowing an attacker to view or delete arbitrary private messages by manipulating the 'ID' and 'user' parameters in the URL.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Clever Copy (version not specified)

No auth needed

Prerequisites: Access to the target application's URL

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026