EIP-2026-109674

PRE-CVE

My Private Tutor Website Builder Script - SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109674. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This is a technical writeup detailing SQL injection and authentication bypass vulnerabilities in the My Private Tutor Website Builder Script. It provides specific endpoints and payloads for exploitation but does not include functional exploit code.

Description

My Private Tutor Website Builder Script - SQL Injection

Exploits (1)

exploitdb WRITEUP

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/41102

View Code ZIP pw:eip

This is a technical writeup detailing SQL injection and authentication bypass vulnerabilities in the My Private Tutor Website Builder Script. It provides specific endpoints and payloads for exploitation but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Sqli | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: My Private Tutor Website Builder Script

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026