EIP-2026-106453

PRE-CVE

DigitalHive - 'mt' Cross-Site Scripting

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106453. PoCs published by ViRuSMaN.

AI-analyzed exploit summary The exploit demonstrates a cross-site scripting (XSS) vulnerability in DigitalHive by injecting malicious input into the 'mt' parameter of the 'membres.php' page. The lack of proper input sanitization allows arbitrary script execution in the context of the affected site.

Description

DigitalHive - 'mt' Cross-Site Scripting

Exploits (1)

exploitdb WORKING POC VERIFIED

by ViRuSMaN · textwebappsphp

https://www.exploit-db.com/exploits/33482

View Code ZIP pw:eip

The exploit demonstrates a cross-site scripting (XSS) vulnerability in DigitalHive by injecting malicious input into the 'mt' parameter of the 'membres.php' page. The lack of proper input sanitization allows arbitrary script execution in the context of the affected site.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: DigitalHive (version not specified)

No auth needed

Prerequisites: Access to the vulnerable DigitalHive instance

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026