EIP-2026-107100
PRE-CVEFind a Place CMS Directory 1.5 - 'assets/external/data_2.php cate' SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-107100. PoCs published by Deyaa Muhammad.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Find a Place CMS Directory 1.5 via the 'cate' parameter in a POST request to 'assets/external/data_2.php'. The payload extracts admin credentials (username, password, and email) using a UNION-based attack.
Description
Find a Place CMS Directory 1.5 - 'assets/external/data_2.php cate' SQL Injection
Exploits (1)
This exploit demonstrates a SQL injection vulnerability in Find a Place CMS Directory 1.5 via the 'cate' parameter in a POST request to 'assets/external/data_2.php'. The payload extracts admin credentials (username, password, and email) using a UNION-based attack.