EIP-2026-106541

PRE-CVE

Doodle4Gift - Multiple Vulnerabilities

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106541. PoCs published by Dr.NaNo.

AI-analyzed exploit summary The exploit demonstrates two vulnerabilities in Doodle4Gift: a reflected XSS via the 'profile' parameter and an information disclosure flaw exposing user credentials in an XML file. Both are trivial to exploit and require no authentication.

Description

Doodle4Gift - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dr.NaNo · textwebappsphp
https://www.exploit-db.com/exploits/31085

The exploit demonstrates two vulnerabilities in Doodle4Gift: a reflected XSS via the 'profile' parameter and an information disclosure flaw exposing user credentials in an XML file. Both are trivial to exploit and require no authentication.

Classification
Working Poc 90%
Attack Type
Xss | Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Doodle4Gift <= (unspecified version)
No auth needed
Prerequisites: Access to the target web application
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026