EIP-2026-105943

PRE-CVE

ClipShare 4.1.1 - 'gid' Blind SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105943. PoCs published by Esac.

AI-analyzed exploit summary This exploit demonstrates a blind SQL injection vulnerability in ClipShare 4.1.4 via the 'gid' parameter in gmembers.php. The PoC shows how to trigger the vulnerability by manipulating the SQL query to return different responses based on true/false conditions.

Description

ClipShare 4.1.1 - 'gid' Blind SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED

by Esac · textwebappsphp

https://www.exploit-db.com/exploits/24881

View Code ZIP pw:eip

This exploit demonstrates a blind SQL injection vulnerability in ClipShare 4.1.4 via the 'gid' parameter in gmembers.php. The PoC shows how to trigger the vulnerability by manipulating the SQL query to return different responses based on true/false conditions.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: ClipShare - Video Sharing Community Script 4.1.4

No auth needed

Prerequisites: MAGIC_QUOTES_GPC must be turned off on the server · A group must exist in the community

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026