Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-110550. PoCs published by BugReport.IR.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Persia BME E-Catalogue's search.aspx page via the 'q' parameter, allowing an attacker to extract plaintext user credentials from the database.
Description
Persia BME E-Catalogue - SQL Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by BugReport.IR · textwebappsphp
https://www.exploit-db.com/exploits/6847
This exploit demonstrates a SQL injection vulnerability in Persia BME E-Catalogue's search.aspx page via the 'q' parameter, allowing an attacker to extract plaintext user credentials from the database.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
Persia BME E-Catalogue (version unspecified)
No auth needed
Prerequisites:
Access to the vulnerable search.aspx endpoint
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026