EIP-2026-107014

PRE-CVE

eZoneScripts (Multiple Scripts) - Insecure Cookie Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107014. PoCs published by JIKO.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass vulnerability in multiple eZoneScripts products by manipulating cookie values to gain administrative access. The PoC provides specific cookie data to set for each affected script.

Description

eZoneScripts (Multiple Scripts) - Insecure Cookie Authentication Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED

by JIKO · textwebappsphp

https://www.exploit-db.com/exploits/33934

View Code ZIP pw:eip

This exploit demonstrates an authentication bypass vulnerability in multiple eZoneScripts products by manipulating cookie values to gain administrative access. The PoC provides specific cookie data to set for each affected script.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: eZoneScripts Banner Exchange Website, Adult Banner Exchange Website, Apartment Search Script, phpMiniSite Script, and Classified Ultra Script

No auth needed

Prerequisites: Access to set cookies on the target domain

MITRE ATT&CK

T1189 - Drive-by Compromise T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026