EIP-2026-109413

PRE-CVE

Memorial Web Site Script - Multiple Arbitrary Delete Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109413. PoCs published by Chip d3 bi0s.

AI-analyzed exploit summary The exploit demonstrates multiple arbitrary deletion vulnerabilities in Memorial Web Site Script by Easy Scripts. It allows unauthenticated deletion of memorials, pictures, users, and other data via direct ID-based requests to admin endpoints.

Description

Memorial Web Site Script - Multiple Arbitrary Delete Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by Chip d3 bi0s · textwebappsphp

https://www.exploit-db.com/exploits/12359

View Code ZIP pw:eip

The exploit demonstrates multiple arbitrary deletion vulnerabilities in Memorial Web Site Script by Easy Scripts. It allows unauthenticated deletion of memorials, pictures, users, and other data via direct ID-based requests to admin endpoints.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Memorial Web Site Script by Easy Scripts

No auth needed

Prerequisites: Knowledge of target ID values

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1565 - Data Manipulation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026