EIP-2026-109223

PRE-CVE

Lulieblog 1.2 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109223. PoCs published by Cod3rZ.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in LulieBlog 1.2, including admin authentication bypass, arbitrary file upload, and blind SQL injection. It includes functional Perl code for blind SQLi and HTML form for file upload.

Description

Lulieblog 1.2 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by Cod3rZ · textwebappsphp

https://www.exploit-db.com/exploits/5644

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in LulieBlog 1.2, including admin authentication bypass, arbitrary file upload, and blind SQL injection. It includes functional Perl code for blind SQLi and HTML form for file upload.

Classification

Working Poc 95%

Attack Type

Sqli, Auth Bypass, File Upload

Complexity

Moderate

Reliability

Reliable

Target: LulieBlog 1.2

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026