EIP-2026-110092

PRE-CVE

Online Email Manager - Insecure Cookie Handling

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110092. PoCs published by Hussin X.

AI-analyzed exploit summary This exploit demonstrates an insecure cookie handling vulnerability in Online Email Manager, allowing an attacker to set an 'auth' cookie to 'admin' via JavaScript, bypassing authentication.

Description

Online Email Manager - Insecure Cookie Handling

Exploits (1)

exploitdb WORKING POC VERIFIED

by Hussin X · textwebappsphp

https://www.exploit-db.com/exploits/8476

View Code ZIP pw:eip

This exploit demonstrates an insecure cookie handling vulnerability in Online Email Manager, allowing an attacker to set an 'auth' cookie to 'admin' via JavaScript, bypassing authentication.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Online Email Manager (version not specified)

No auth needed

Prerequisites: Victim must execute the provided JavaScript code

MITRE ATT&CK

T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026