EIP-2026-109256

PRE-CVE

Maian Music 1.0 - Insecure Cookie Handling

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109256. PoCs published by Saime.

AI-analyzed exploit summary The exploit demonstrates an insecure cookie handling vulnerability in Maian Music v1.0, where the admin panel only checks if the cookie value matches the MD5 hash of the admin username. This allows an attacker to bypass authentication by setting a crafted cookie.

Description

Maian Music 1.0 - Insecure Cookie Handling

Exploits (1)

exploitdb WORKING POC VERIFIED

by Saime · textwebappsphp

https://www.exploit-db.com/exploits/6051

View Code ZIP pw:eip

The exploit demonstrates an insecure cookie handling vulnerability in Maian Music v1.0, where the admin panel only checks if the cookie value matches the MD5 hash of the admin username. This allows an attacker to bypass authentication by setting a crafted cookie.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Maian Music v1.0

No auth needed

Prerequisites: Access to the target application's admin panel URL

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026