EIP-2026-108553

PRE-CVE

Joomla! Component com_spielothek 1.6.9 - Multiple Blind SQL Injections

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108553. PoCs published by Salvatore Fresta.

AI-analyzed exploit summary This document details multiple blind SQL injection vulnerabilities in the Spielothek 1.6.9 Joomla component, specifically in parameters used in files like battle.php and scores.php. It provides sample exploit URLs demonstrating the injection technique but does not include functional exploit code.

Description

Joomla! Component com_spielothek 1.6.9 - Multiple Blind SQL Injections

Exploits (1)

exploitdb WRITEUP VERIFIED

by Salvatore Fresta · textwebappsphp

https://www.exploit-db.com/exploits/14518

View Code ZIP pw:eip

This document details multiple blind SQL injection vulnerabilities in the Spielothek 1.6.9 Joomla component, specifically in parameters used in files like battle.php and scores.php. It provides sample exploit URLs demonstrating the injection technique but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Moderate

Reliability

Reliable

Target: Spielothek 1.6.9 Joomla Component

No auth needed

Prerequisites: Access to the vulnerable Joomla component

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026