EIP-2026-109881

PRE-CVE

NetHoteles 2.0/3.0 - Authentication Bypass

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109881. PoCs published by Dns-Team.

AI-analyzed exploit summary This exploit demonstrates an authentication bypass via SQL injection in NetHoteles v2.0 and v3.0. It provides credentials to bypass login for both admin and superadmin panels.

Description

NetHoteles 2.0/3.0 - Authentication Bypass

Exploits (1)

exploitdb WORKING POC VERIFIED
by Dns-Team · textwebappsphp
https://www.exploit-db.com/exploits/8449

This exploit demonstrates an authentication bypass via SQL injection in NetHoteles v2.0 and v3.0. It provides credentials to bypass login for both admin and superadmin panels.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: NetHoteles v2.0 and v3.0
No auth needed
Prerequisites: access to the login page of the target application
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026