EIP-2026-109423

This exploit targets a SQL injection vulnerability in MercuryBoard <= 1.1.4 via the User-Agent header to extract admin credentials. It performs blind SQL injection to retrieve the admin user ID and password hash.