EIP-2026-106745

PRE-CVE

eBlog 1.7 - Multiple SQL Injections

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106745. PoCs published by Salvatore Fresta.

AI-analyzed exploit summary This document details multiple SQL injection vulnerabilities in eBlog 1.7, affecting parameters like 'id' and 'keywords'. It provides technical analysis, sample exploit URLs, and notes the requirement for magic_quotes_gpc to be disabled in some cases.

Description

eBlog 1.7 - Multiple SQL Injections

Exploits (1)

exploitdb WRITEUP VERIFIED

by Salvatore Fresta · textwebappsphp

https://www.exploit-db.com/exploits/15486

View Code ZIP pw:eip

This document details multiple SQL injection vulnerabilities in eBlog 1.7, affecting parameters like 'id' and 'keywords'. It provides technical analysis, sample exploit URLs, and notes the requirement for magic_quotes_gpc to be disabled in some cases.

Classification

Writeup 95%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: eBlog 1.7

No auth needed

Prerequisites: magic_quotes_gpc disabled for some exploits

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026