EIP-2026-106085

PRE-CVE

CommPort 1.01 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106085. PoCs published by Jean Pascal Pereira.

AI-analyzed exploit summary The document describes SQL injection and authentication bypass vulnerabilities in CommPort 1.01. The SQL injection occurs due to unsanitized user input in the signup.cgi script, while the authentication bypass leverages improperly restricted HTTP methods in .htaccess files.

Description

CommPort 1.01 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Jean Pascal Pereira · textwebappsphp

https://www.exploit-db.com/exploits/20871

View Code ZIP pw:eip

The document describes SQL injection and authentication bypass vulnerabilities in CommPort 1.01. The SQL injection occurs due to unsanitized user input in the signup.cgi script, while the authentication bypass leverages improperly restricted HTTP methods in .htaccess files.

Classification

Writeup 90%

Attack Type

Sqli | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: CommPort 1.01

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026