EIP-2026-109955

PRE-CVE

noname script 1.1 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109955. PoCs published by SirGod.

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in NoName Script 1.1 BETA, including Local File Inclusion (LFI), SQL Injection (SQLi), and Cross-Site Request Forgery (CSRF). It provides functional proof-of-concept code for exploiting these vulnerabilities.

Description

noname script 1.1 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by SirGod · textwebappsphp

https://www.exploit-db.com/exploits/6291

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in NoName Script 1.1 BETA, including Local File Inclusion (LFI), SQL Injection (SQLi), and Cross-Site Request Forgery (CSRF). It provides functional proof-of-concept code for exploiting these vulnerabilities.

Classification

Working Poc 90%

Attack Type

Sqli | Auth Bypass | Other

Complexity

Trivial

Reliability

Reliable

Target: NoName Script 1.1 BETA

Auth required

Prerequisites: Access to the target application · Administrative privileges for CSRF exploitation

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026