EIP-2026-107482

PRE-CVE

Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107482. PoCs published by x0r.

AI-analyzed exploit summary The document describes SQL injection, insecure cookie handling, and XSS vulnerabilities in Graugon Gallery 1.0. It includes code snippets demonstrating the flaws and provides exploit examples.

Description

Graugon Gallery 1.0 - Cross-Site Scripting / SQL Injection / Cookie Bypass

Exploits (1)

exploitdb WRITEUP VERIFIED

by x0r · textwebappsphp

https://www.exploit-db.com/exploits/8040

View Code ZIP pw:eip

The document describes SQL injection, insecure cookie handling, and XSS vulnerabilities in Graugon Gallery 1.0. It includes code snippets demonstrating the flaws and provides exploit examples.

Classification

Writeup 90%

Attack Type

Sqli | Xss | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Graugon Gallery 1.0

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026