Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-106970. PoCs published by Onur Yılmaz.
AI-analyzed exploit summary The document describes XSS and Blind SQL Injection vulnerabilities in ExponentCMS 2.0.5, providing example PoC URLs and references to vendor patches. It includes technical details about the vulnerabilities and their impact.
Description
exponentcms 2.0.5 - Multiple Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Onur Yılmaz · textwebappsphp
https://www.exploit-db.com/exploits/18773
The document describes XSS and Blind SQL Injection vulnerabilities in ExponentCMS 2.0.5, providing example PoC URLs and references to vendor patches. It includes technical details about the vulnerabilities and their impact.
Classification
Writeup 90%
Attack Type
Xss | Sqli
Complexity
Trivial
Reliability
Reliable
Target:
ExponentCMS 2.0.5 and possibly below
No auth needed
Prerequisites:
Access to the vulnerable web application
mistral-large-3 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026