EIP-2026-107903

PRE-CVE

Invision Board 1.1.1 - 'functions.php' SQL Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-107903. PoCs published by Gossi The Dog.

AI-analyzed exploit summary This is a writeup describing an SQL injection vulnerability in Invision Board's functions.php script. The provided URI demonstrates how an attacker can manipulate the 'skinid' parameter to execute malicious SQL queries, potentially leading to information disclosure or database corruption.

Description

Invision Board 1.1.1 - 'functions.php' SQL Injection

Exploits (1)

exploitdb WRITEUP VERIFIED
by Gossi The Dog · textwebappsphp
https://www.exploit-db.com/exploits/22461

This is a writeup describing an SQL injection vulnerability in Invision Board's functions.php script. The provided URI demonstrates how an attacker can manipulate the 'skinid' parameter to execute malicious SQL queries, potentially leading to information disclosure or database corruption.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Invision Board (version not specified)
No auth needed
Prerequisites: Access to the target application's URI parameters
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026