EIP-2026-108627

PRE-CVE

Joomla! Component DT Register - 'cat' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-108627. PoCs published by Elar Lang.

AI-analyzed exploit summary This is a detailed writeup describing an SQL injection vulnerability in the Joomla extension DT Register. The vulnerability allows unauthenticated attackers to execute arbitrary SQL commands via the 'cat' parameter. The writeup includes proof-of-concept examples and a timeline of vulnerability disclosure.

Description

Joomla! Component DT Register - 'cat' SQL Injection

Exploits (1)

exploitdb WRITEUP

by Elar Lang · textwebappsphp

https://www.exploit-db.com/exploits/40912

View Code ZIP pw:eip

This is a detailed writeup describing an SQL injection vulnerability in the Joomla extension DT Register. The vulnerability allows unauthenticated attackers to execute arbitrary SQL commands via the 'cat' parameter. The writeup includes proof-of-concept examples and a timeline of vulnerability disclosure.

Classification

Writeup 100%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: DT Register (Joomla extension) before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5)

No auth needed

Prerequisites: Access to the vulnerable Joomla instance with DT Register extension installed

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026