EIP-2026-107059

PRE-CVE

Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107059. PoCs published by Suresh Kumar.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Faulty Evaluation System 1.0, where malicious JavaScript can be injected into student name fields and executed when viewed in the student list page.

Description

Faulty Evaluation System 1.0 - 'multiple' Stored Cross-Site Scripting

Exploits (1)

exploitdb WORKING POC
by Suresh Kumar · textwebappsphp
https://www.exploit-db.com/exploits/49569

This exploit demonstrates a stored XSS vulnerability in Faulty Evaluation System 1.0, where malicious JavaScript can be injected into student name fields and executed when viewed in the student list page.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Faulty Evaluation System 1.0
Auth required
Prerequisites: Access to the student input form · Ability to inject malicious script into name fields
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026