EIP-2026-105905

PRE-CVE

Click&Email - Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105905. PoCs published by SuB-ZeRo.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in the iCash ClickAndEmailDemo admin panel via SQL injection. The payload uses classic SQLi techniques to bypass login authentication.

Description

Click&Email - Authentication Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by SuB-ZeRo · textwebappsphp

https://www.exploit-db.com/exploits/7817

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in the iCash ClickAndEmailDemo admin panel via SQL injection. The payload uses classic SQLi techniques to bypass login authentication.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: iCash ClickAndEmailDemo (version unspecified)

No auth needed

Prerequisites: Access to the admin login page

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026