Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-106476. PoCs published by Dr.DaShEr.
AI-analyzed exploit summary This is a SQL injection exploit targeting the 'dlili' script via the 'links_showcat.php' parameter. It uses a UNION-based attack to extract admin credentials from the database.
Description
Dlili Script - SQL Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Dr.DaShEr · textwebappsphp
https://www.exploit-db.com/exploits/11318
This is a SQL injection exploit targeting the 'dlili' script via the 'links_showcat.php' parameter. It uses a UNION-based attack to extract admin credentials from the database.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
dlili (version unspecified)
No auth needed
Prerequisites:
A vulnerable instance of the 'dlili' script with exposed 'links_showcat.php' endpoint
mistral-large-3 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026