EIP-2026-106423

PRE-CVE

Departmental Store Management System 1.2 - SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106423. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This is a writeup detailing SQL injection vulnerabilities in Pasal Departmental Store Management System v1.2. It provides multiple endpoints where SQL injection can be exploited, along with table and column names for potential data extraction.

Description

Departmental Store Management System 1.2 - SQL Injection

Exploits (1)

exploitdb WRITEUP

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/41627

View Code ZIP pw:eip

This is a writeup detailing SQL injection vulnerabilities in Pasal Departmental Store Management System v1.2. It provides multiple endpoints where SQL injection can be exploited, along with table and column names for potential data extraction.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Pasal Departmental Store Management System v1.2

Auth required

Prerequisites: Access to the application · Valid user credentials

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026