EIP-2026-106950

PRE-CVE

Exam Form Submission System 1.0 - SQL Injection Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-106950. PoCs published by Nitin Sharma.

AI-analyzed exploit summary This exploit demonstrates an SQL injection authentication bypass in Exam Form Submission System 1.0. By manipulating the login request with SQLi payloads, an attacker can bypass authentication and gain admin access.

Description

Exam Form Submission System 1.0 - SQL Injection Authentication Bypass

Exploits (1)

exploitdb WORKING POC

by Nitin Sharma · textwebappsphp

https://www.exploit-db.com/exploits/50360

View Code ZIP pw:eip

This exploit demonstrates an SQL injection authentication bypass in Exam Form Submission System 1.0. By manipulating the login request with SQLi payloads, an attacker can bypass authentication and gain admin access.

Classification

Working Poc 100%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Exam Form Submission System 1.0

No auth needed

Prerequisites: Access to the admin login page · Ability to intercept/modify HTTP requests (e.g., Burp Suite)

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026