EIP-2026-109366

PRE-CVE

MC Coming Soon Script - Arbitrary File Upload / Improper Access Restrictions

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109366. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This is a writeup describing an improper access restriction vulnerability in MC Coming Soon Script. It lists multiple admin endpoints that can be accessed directly without authentication, potentially allowing unauthorized file uploads and other administrative actions.

Description

MC Coming Soon Script - Arbitrary File Upload / Improper Access Restrictions

Exploits (1)

exploitdb WRITEUP

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/41070

View Code ZIP pw:eip

This is a writeup describing an improper access restriction vulnerability in MC Coming Soon Script. It lists multiple admin endpoints that can be accessed directly without authentication, potentially allowing unauthorized file uploads and other administrative actions.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: MC Coming Soon Script (version not specified)

No auth needed

Prerequisites: Network access to the target application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026