Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-107870. PoCs published by Osirys.
AI-analyzed exploit summary This Perl script exploits a SQL injection vulnerability in InselPhoto v1.1's search.php to extract admin credentials and disclose local files via the load_file() MySQL function.
Description
InselPhoto 1.1 - 'query' SQL Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Osirys · perlwebappsphp
https://www.exploit-db.com/exploits/8045
This Perl script exploits a SQL injection vulnerability in InselPhoto v1.1's search.php to extract admin credentials and disclose local files via the load_file() MySQL function.
Classification
Working Poc 95%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target:
InselPhoto v1.1
No auth needed
Prerequisites:
Target must be running InselPhoto v1.1 with exposed search.php
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026