EIP-2026-109614

PRE-CVE

MRCGIGUY Top Sites 1.0.0 - Insecure Cookie Handling

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109614. PoCs published by ThE g0bL!N.

AI-analyzed exploit summary This exploit demonstrates an insecure cookie handling vulnerability in MRCGIGUY Top Sites 1.0.0, allowing an attacker to set arbitrary cookies via JavaScript injection, potentially leading to authentication bypass.

Description

MRCGIGUY Top Sites 1.0.0 - Insecure Cookie Handling

Exploits (1)

exploitdb WORKING POC VERIFIED

by ThE g0bL!N · textwebappsphp

https://www.exploit-db.com/exploits/8694

View Code ZIP pw:eip

This exploit demonstrates an insecure cookie handling vulnerability in MRCGIGUY Top Sites 1.0.0, allowing an attacker to set arbitrary cookies via JavaScript injection, potentially leading to authentication bypass.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: MRCGIGUY Top Sites 1.0.0

No auth needed

Prerequisites: Access to a vulnerable instance of MRCGIGUY Top Sites 1.0.0 · Ability to execute JavaScript in the context of the target domain

MITRE ATT&CK

T1189 - Drive-by Compromise T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026