Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-109088. PoCs published by Valentin.
AI-analyzed exploit summary This is a technical writeup detailing SQL injection and XSS vulnerabilities in leaftec CMS, including vulnerable URLs and example payloads. It provides specific attack vectors and testing methods but does not include functional exploit code.
Description
leaftec CMS - Multiple Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Valentin · textwebappsphp
https://www.exploit-db.com/exploits/11889
This is a technical writeup detailing SQL injection and XSS vulnerabilities in leaftec CMS, including vulnerable URLs and example payloads. It provides specific attack vectors and testing methods but does not include functional exploit code.
Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Reliable
Target:
leaftec CMS (version unspecified)
No auth needed
Prerequisites:
Access to vulnerable leaftec CMS instance
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026