EIP-2026-107228
PRE-CVEFreelancers Marketplace Script - Persistent Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-107228. PoCs published by Sid3^effects.
AI-analyzed exploit summary This exploit demonstrates a persistent XSS vulnerability in Freelancers Marketplace Script by injecting malicious scripts into the 'title' and 'describe project' fields during project posting. The payload is executed when other users view the project listings.
Description
Freelancers Marketplace Script - Persistent Cross-Site Scripting
Exploits (1)
exploitdb
WORKING POC
by Sid3^effects · textwebappsphp
https://www.exploit-db.com/exploits/14389
This exploit demonstrates a persistent XSS vulnerability in Freelancers Marketplace Script by injecting malicious scripts into the 'title' and 'describe project' fields during project posting. The payload is executed when other users view the project listings.
Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Freelancers Marketplace Script (version not specified)
Auth required
Prerequisites:
User registration on the target site · Access to the project posting functionality
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026