EIP-2026-107204

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107204. PoCs published by -SmoG-.

AI-analyzed exploit summary This is a SQL injection (SQLi) proof-of-concept for frame-oshop, exploiting a vulnerable 'rid' parameter in the 'main.php' script. The PoC demonstrates information leakage by extracting the database version via a UNION-based SQLi attack.

Description

frame-oshop - SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED

by -SmoG- · textwebappsphp

https://www.exploit-db.com/exploits/17289

View Code ZIP pw:eip

This is a SQL injection (SQLi) proof-of-concept for frame-oshop, exploiting a vulnerable 'rid' parameter in the 'main.php' script. The PoC demonstrates information leakage by extracting the database version via a UNION-based SQLi attack.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: frame-oshop (version unknown)

No auth needed

Prerequisites: A vulnerable instance of frame-oshop with exposed 'main.php' script · A fresh session ID

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

frame-oshop - SQL Injection

Exploitation Summary

Description

Exploits (1)

Details