EIP-2026-109326

PRE-CVE

Marinet CMS - 'room.php' Blind SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109326. PoCs published by BHG Security Center.

AI-analyzed exploit summary This exploit demonstrates a blind SQL injection vulnerability in MARINET CMS via the 'rid' parameter in room.php. The provided URL example shows how to inject SQL queries to manipulate the application's behavior.

Description

Marinet CMS - 'room.php' Blind SQL Injection

Exploits (1)

exploitdb WORKING POC

by BHG Security Center · textwebappsphp

https://www.exploit-db.com/exploits/17909

View Code ZIP pw:eip

This exploit demonstrates a blind SQL injection vulnerability in MARINET CMS via the 'rid' parameter in room.php. The provided URL example shows how to inject SQL queries to manipulate the application's behavior.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: MARINET CMS (version not specified)

No auth needed

Prerequisites: Access to the vulnerable MARINET CMS instance

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026