EIP-2026-106476

PRE-CVE

Dlili Script - SQL Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106476. PoCs published by Dr.DaShEr.

AI-analyzed exploit summary This is a SQL injection exploit targeting the 'dlili' script via the 'links_showcat.php' parameter. It uses a UNION-based attack to extract admin credentials from the database.

Description

Dlili Script - SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dr.DaShEr · textwebappsphp
https://www.exploit-db.com/exploits/11318

This is a SQL injection exploit targeting the 'dlili' script via the 'links_showcat.php' parameter. It uses a UNION-based attack to extract admin credentials from the database.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: dlili (version unspecified)
No auth needed
Prerequisites: A vulnerable instance of the 'dlili' script with exposed 'links_showcat.php' endpoint
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026