EIP-2026-106326

PRE-CVE

Cythosia 2.x Botnet (C2 Web Panel) - SQL Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106326. PoCs published by GalaxyAndroid.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Cythosia Botnet's 'socks5.php' file, allowing an attacker to extract MySQL version and user information via crafted POST requests. The vulnerability arises from unsanitized user input in the 'hwid' parameter.

Description

Cythosia 2.x Botnet (C2 Web Panel) - SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED
by GalaxyAndroid · textwebappsphp
https://www.exploit-db.com/exploits/30238

This exploit demonstrates a SQL injection vulnerability in Cythosia Botnet's 'socks5.php' file, allowing an attacker to extract MySQL version and user information via crafted POST requests. The vulnerability arises from unsanitized user input in the 'hwid' parameter.

Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Cythosia Botnet 2.x
No auth needed
Prerequisites: Access to the target web application · Network connectivity to the target server
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026