EIP-2026-107871

PRE-CVE

InselPhoto 1.1 - Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107871. PoCs published by rAWjAW.

AI-analyzed exploit summary This is a technical writeup describing a persistent XSS vulnerability in InselPhoto v1.1. The vulnerability allows an attacker to inject malicious JavaScript code into the photo album description, which executes when other users view the slideshow.

Description

InselPhoto 1.1 - Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP VERIFIED
by rAWjAW · textwebappsphp
https://www.exploit-db.com/exploits/8057

This is a technical writeup describing a persistent XSS vulnerability in InselPhoto v1.1. The vulnerability allows an attacker to inject malicious JavaScript code into the photo album description, which executes when other users view the slideshow.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: InselPhoto v1.1
Auth required
Prerequisites: User account creation · Album creation · Photo upload with malicious description
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026