EIP-2026-109551

PRE-CVE

MoME CMS 0.8.5 - Remote Authentication Bypass

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109551. PoCs published by cr4wl3r.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in MoME CMS <= 0.8.5, allowing remote login bypass when magic_quotes_gpc is disabled. The PoC uses a classic SQLi payload to bypass authentication.

Description

MoME CMS 0.8.5 - Remote Authentication Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED
by cr4wl3r · textwebappsphp
https://www.exploit-db.com/exploits/11157

This exploit demonstrates an SQL injection vulnerability in MoME CMS <= 0.8.5, allowing remote login bypass when magic_quotes_gpc is disabled. The PoC uses a classic SQLi payload to bypass authentication.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: MoME CMS <= 0.8.5
No auth needed
Prerequisites: magic_quotes_gpc = off · access to login page
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026