EIP-2026-107488
PRE-CVEgravy media CMS 1.07 - Multiple Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-107488. PoCs published by x0r.
AI-analyzed exploit summary The exploit demonstrates SQL injection vulnerabilities in Gravy Media CMS 1.07, allowing unauthorized access to user credentials and arbitrary file downloads. It includes payloads for authentication bypass and data exfiltration via SQLi.
Description
gravy media CMS 1.07 - Multiple Vulnerabilities
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by x0r · textwebappsphp
https://www.exploit-db.com/exploits/8315
The exploit demonstrates SQL injection vulnerabilities in Gravy Media CMS 1.07, allowing unauthorized access to user credentials and arbitrary file downloads. It includes payloads for authentication bypass and data exfiltration via SQLi.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
Gravy Media CMS 1.07
No auth needed
Prerequisites:
Access to vulnerable endpoints (login.php, viewmsg.php, rate.php, forcedownload.php)
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026