EIP-2026-107369

PRE-CVE

Geeklog 1.5.2 - 'usersettings.php' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107369. PoCs published by Nine:Situations:Group::bookoo.

AI-analyzed exploit summary: This exploit targets an SQL injection vulnerability in Geeklog 1.5.2 and earlier, allowing an attacker to extract the admin password hash by manipulating the 'blocks' parameter in usersettings.php. The PoC automates the extraction of the MD5 hash through a blind SQLi technique.

Description

Geeklog 1.5.2 - 'usersettings.php' SQL Injection

Exploits (1)

exploitdb · WORKING POC · VERIFIED
by Nine:Situations:Group::bookoo · php · webapps · php
https://www.exploit-db.com/exploits/32914

Classification: Working PoC 95%
Attack Type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: Geeklog <= 1.5.2
Auth required
Prerequisites: Valid credentials for authentication · Access to the usersettings.php endpoint
devstral-2 · analyzed Feb 16, 2026

Details

Status: pre_cve
Tracked Since: Feb 18, 2026