EIP-2026-108112

PRE-CVE

Jobberbase 2.0 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108112. PoCs published by Ross Marks.

AI-analyzed exploit summary This writeup details multiple vulnerabilities in Jobberbase 2.0, including local path disclosure, open redirect, XSS (reflected and persistent), unrestricted file upload, code execution via race condition, and SQL injection. It provides technical descriptions and examples for each vulnerability.

Description

Jobberbase 2.0 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Ross Marks · textwebappsphp

https://www.exploit-db.com/exploits/40351

View Code ZIP pw:eip

This writeup details multiple vulnerabilities in Jobberbase 2.0, including local path disclosure, open redirect, XSS (reflected and persistent), unrestricted file upload, code execution via race condition, and SQL injection. It provides technical descriptions and examples for each vulnerability.

Classification

Writeup 90%

Attack Type

Info Leak | Xss | Sqli | Auth Bypass | Other

Complexity

Trivial

Reliability

Reliable

Target: Jobberbase 2.0

No auth needed

Prerequisites: Access to the target application · Ability to send crafted HTTP requests

MITRE ATT&CK

T1003 - OS Credential Dumping T1059 - Command and Scripting Interpreter T1189 - Drive-by Compromise T1055 - Process Injection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026