EIP-2026-109198

PRE-CVE

Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL injection (Authenticated)

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109198. PoCs published by Tushar Vaidya.

AI-analyzed exploit summary This is a writeup describing an authenticated blind and error-based SQL injection vulnerability in Local Services Search Engine Management System (LSSMES) 1.0. It provides steps to reproduce the vulnerability using SQLMap and includes a sample HTTP request.

Description

Local Services Search Engine Management System (LSSMES) 1.0 - Blind & Error based SQL injection (Authenticated)

Exploits (1)

exploitdb WRITEUP
by Tushar Vaidya · textwebappsphp
https://www.exploit-db.com/exploits/49610

This is a writeup describing an authenticated blind and error-based SQL injection vulnerability in Local Services Search Engine Management System (LSSMES) 1.0. It provides steps to reproduce the vulnerability using SQLMap and includes a sample HTTP request.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Local Services Search Engine Management System (LSSMES) v1.0
Auth required
Prerequisites: Admin credentials · Access to the admin panel · SQLMap tool
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026