EIP-2026-106366

PRE-CVE

Dating Pro Genie 2015.7 - Cross-Site Request Forgery

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106366. PoCs published by High-Tech Bridge SA.

AI-analyzed exploit summary This exploit demonstrates CSRF vulnerabilities in Dating Pro Genie (2015.7), allowing an attacker to change administrator credentials or execute arbitrary system commands via crafted HTML forms. The PoC includes two distinct CSRF attacks targeting different endpoints.

Description

Dating Pro Genie 2015.7 - Cross-Site Request Forgery

Exploits (1)

exploitdb WORKING POC

by High-Tech Bridge SA · textwebappsphp

https://www.exploit-db.com/exploits/39586

View Code ZIP pw:eip

This exploit demonstrates CSRF vulnerabilities in Dating Pro Genie (2015.7), allowing an attacker to change administrator credentials or execute arbitrary system commands via crafted HTML forms. The PoC includes two distinct CSRF attacks targeting different endpoints.

Classification

Working Poc 100%

Attack Type

Auth Bypass | Rce

Complexity

Trivial

Reliability

Reliable

Target: Dating Pro Genie (2015.7)

No auth needed

Prerequisites: Victim must be logged in as administrator · Attacker must trick victim into visiting a malicious page

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026