EIP-2026-106635
PRE-CVEE-PHP B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-106635. PoCs published by SaiedHacker.
AI-analyzed exploit summary The exploit demonstrates multiple XSS vulnerabilities in E-Php B2B Trading Marketplace Script by injecting arbitrary JavaScript via the 'errmsg' parameter in signin.php and gen_confirm.php. The PoC includes direct URLs with payloads that execute alert(1) in the context of the affected site.
Description
E-PHP B2B Trading Marketplace Script - Multiple Cross-Site Scripting Vulnerabilities
Exploits (1)
The exploit demonstrates multiple XSS vulnerabilities in E-Php B2B Trading Marketplace Script by injecting arbitrary JavaScript via the 'errmsg' parameter in signin.php and gen_confirm.php. The PoC includes direct URLs with payloads that execute alert(1) in the context of the affected site.