EIP-2026-107040

PRE-CVE

family connections 2.2.3 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107040. PoCs published by Salvatore Fresta.

AI-analyzed exploit summary This document details multiple blind SQL injection and SNMP injection vulnerabilities in Family Connections 2.2.3, providing specific HTTP request examples to exploit the flaws. It includes technical analysis of the root cause (unsanitized numeric fields and mail() function parameters) but does not include functional exploit code.

Description

family connections 2.2.3 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Salvatore Fresta · textwebappsphp

https://www.exploit-db.com/exploits/12557

View Code ZIP pw:eip

This document details multiple blind SQL injection and SNMP injection vulnerabilities in Family Connections 2.2.3, providing specific HTTP request examples to exploit the flaws. It includes technical analysis of the root cause (unsanitized numeric fields and mail() function parameters) but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Family Connections 2.2.3

No auth needed

Prerequisites: Network access to the target application · Ability to send crafted HTTP requests

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026