EIP-2026-107535
PRE-CVEGuru JustAnswer Professional 1.25 - Multiple SQL Injections
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-107535. PoCs published by v3n0m.
AI-analyzed exploit summary The exploit demonstrates SQL injection vulnerabilities in Guru JustAnswer Professional 1.25 via the 'que_id' and 'id' parameters in 'forum_answer.php' and 'profile.php'. It provides direct URLs with injection points, confirming the vulnerability's existence.
Description
Guru JustAnswer Professional 1.25 - Multiple SQL Injections
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by v3n0m · textwebappsphp
https://www.exploit-db.com/exploits/17350
The exploit demonstrates SQL injection vulnerabilities in Guru JustAnswer Professional 1.25 via the 'que_id' and 'id' parameters in 'forum_answer.php' and 'profile.php'. It provides direct URLs with injection points, confirming the vulnerability's existence.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
Guru JustAnswer Professional 1.25
No auth needed
Prerequisites:
Access to the vulnerable web application
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026