EIP-2026-109963

PRE-CVE

Novaboard 1.0.0 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-109963. PoCs published by brain[pillow].

AI-analyzed exploit summary This exploit demonstrates multiple vulnerabilities in NovaBoard v1.0.0, including blind SQL injection, standard SQL injection, authentication bypass, local file inclusion, and shell upload. The PoC provides specific payloads and conditions required for exploitation.

Description

Novaboard 1.0.0 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by brain[pillow] · textwebappsphp

https://www.exploit-db.com/exploits/8063

View Code ZIP pw:eip

This exploit demonstrates multiple vulnerabilities in NovaBoard v1.0.0, including blind SQL injection, standard SQL injection, authentication bypass, local file inclusion, and shell upload. The PoC provides specific payloads and conditions required for exploitation.

Classification

Working Poc 90%

Attack Type

Sqli | Auth Bypass | Info Leak | Other

Complexity

Trivial

Reliability

Reliable

Target: NovaBoard v1.0.0

No auth needed

Prerequisites: magic quotes = off · attachments allowed for shell upload

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026