EIP-2026-109957
PRE-CVENooToplist 1.0 - 'index.php' Multiple SQL Injections
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-109957. PoCs published by David Sopas Ferreira.
AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in NooToplist due to improper input sanitization. It includes example URLs demonstrating the injection points but lacks executable exploit code.
Description
NooToplist 1.0 - 'index.php' Multiple SQL Injections
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by David Sopas Ferreira · textwebappsphp
https://www.exploit-db.com/exploits/26277
The provided text describes SQL injection vulnerabilities in NooToplist due to improper input sanitization. It includes example URLs demonstrating the injection points but lacks executable exploit code.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
NooToplist (version unspecified)
No auth needed
Prerequisites:
Access to the vulnerable application
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026