EIP-2026-110085

PRE-CVE

Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110085. PoCs published by Himash.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Online Diagnostic Lab Management System 1.0. The payload is injected via the 'First Name' and 'Last Name' fields in the user creation form, triggering when the user list is accessed.

Description

Online Diagnostic Lab Management System 1.0 - Stored Cross Site Scripting (XSS)

Exploits (1)

exploitdb WORKING POC

by Himash · textwebappsphp

https://www.exploit-db.com/exploits/50661

View Code ZIP pw:eip

This exploit demonstrates a stored XSS vulnerability in Online Diagnostic Lab Management System 1.0. The payload is injected via the 'First Name' and 'Last Name' fields in the user creation form, triggering when the user list is accessed.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Online Diagnostic Lab Management System 1.0

Auth required

Prerequisites: Admin credentials · Access to the admin panel

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026