EIP-2026-110758

PRE-CVE

PHP Server Monitor - Persistent Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-110758. PoCs published by loneferret.

AI-analyzed exploit summary This is a technical writeup describing a stored XSS vulnerability in PHP Server Monitor v2.0.1. The vulnerability allows arbitrary JavaScript execution via input fields such as the label name or IP address, which can disrupt the page or steal cookies.

Description

PHP Server Monitor - Persistent Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP VERIFIED
by loneferret · textwebappsphp
https://www.exploit-db.com/exploits/22881

This is a technical writeup describing a stored XSS vulnerability in PHP Server Monitor v2.0.1. The vulnerability allows arbitrary JavaScript execution via input fields such as the label name or IP address, which can disrupt the page or steal cookies.

Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: PHP Server Monitor v2.0.1
Auth required
Prerequisites: Access to the 'Add server' page · Valid user credentials
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026