EIP-2026-107648

PRE-CVE

Hotel Booking Portal 0.1 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107648. PoCs published by Yakir Wizman.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Hotel Booking Portal v0.1, including SQL injection in login and search functionalities, and XSS in various parameters. It provides clear PoC examples for each vulnerability.

Description

Hotel Booking Portal 0.1 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by Yakir Wizman · textwebappsphp

https://www.exploit-db.com/exploits/20476

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Hotel Booking Portal v0.1, including SQL injection in login and search functionalities, and XSS in various parameters. It provides clear PoC examples for each vulnerability.

Classification

Working Poc 95%

Attack Type

Sqli | Xss

Complexity

Trivial

Reliability

Reliable

Target: Hotel Booking Portal v0.1

No auth needed

Prerequisites: Access to the target application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026