EIP-2026-110638
PRE-CVEPHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-110638. PoCs published by Stefan Schurtz.
AI-analyzed exploit summary The provided text describes multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 due to insufficient input sanitization. It includes example URLs demonstrating the vulnerability but does not contain functional exploit code.
Description
PHP Address Book 7.0 - Multiple Cross-Site Scripting Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Stefan Schurtz · textwebappsphp
https://www.exploit-db.com/exploits/37219
The provided text describes multiple cross-site scripting (XSS) vulnerabilities in PHP Address Book 7.0 due to insufficient input sanitization. It includes example URLs demonstrating the vulnerability but does not contain functional exploit code.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
PHP Address Book 7.0
No auth needed
Prerequisites:
Access to the vulnerable web application
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026