EIP-2026-107285

PRE-CVE

FS Monster Clone - 'id' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107285. PoCs published by 8bitsec.

AI-analyzed exploit summary This exploit demonstrates a boolean-based blind SQL injection vulnerability in the 'id' parameter of the FS Monster Clone software. The PoC shows how an attacker can inject SQL queries via the GET parameter in Job_Details.php.

Description

FS Monster Clone - 'id' SQL Injection

Exploits (1)

exploitdb WORKING POC

by 8bitsec · textwebappsphp

https://www.exploit-db.com/exploits/43049

View Code ZIP pw:eip

This exploit demonstrates a boolean-based blind SQL injection vulnerability in the 'id' parameter of the FS Monster Clone software. The PoC shows how an attacker can inject SQL queries via the GET parameter in Job_Details.php.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: FS Monster Clone (24 October 17)

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026