EIP-2026-106573

PRE-CVE

Dredge School Administration System - '/DSM/Backup/processbackup.php' Database Backup Information Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106573. PoCs published by AtT4CKxT3rR0r1ST.

AI-analyzed exploit summary The provided text describes multiple vulnerabilities in Dredge School Administration System 1.0, including SQL injection, CSRF, XSS, information disclosure, and security bypass. It also details an information disclosure exploit via a predictable backup file location.

Description

Dredge School Administration System - '/DSM/Backup/processbackup.php' Database Backup Information Disclosure

Exploits (1)

exploitdb WRITEUP VERIFIED

by AtT4CKxT3rR0r1ST · textwebappsphp

https://www.exploit-db.com/exploits/38988

View Code ZIP pw:eip

The provided text describes multiple vulnerabilities in Dredge School Administration System 1.0, including SQL injection, CSRF, XSS, information disclosure, and security bypass. It also details an information disclosure exploit via a predictable backup file location.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Dredge School Administration System 1.0

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1592 - Gather Victim Host Information T1119 - Automated Collection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026