EIP-2026-111019
PRE-CVEphpCollab 2.5 - Database Backup Information Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111019. PoCs published by team ' & 1=1--.
AI-analyzed exploit summary This exploit demonstrates an information disclosure vulnerability in phpCollab 2.5 by sending a crafted POST request to 'tbl_dump.php' to download backup files containing sensitive data. The attack leverages insufficient input validation to exfiltrate database tables.
Description
phpCollab 2.5 - Database Backup Information Disclosure
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by team ' & 1=1-- · textwebappsphp
https://www.exploit-db.com/exploits/37309
This exploit demonstrates an information disclosure vulnerability in phpCollab 2.5 by sending a crafted POST request to 'tbl_dump.php' to download backup files containing sensitive data. The attack leverages insufficient input validation to exfiltrate database tables.
Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
phpCollab 2.5
No auth needed
Prerequisites:
Access to the target web application
MITRE ATT&CK
mistral-large-3 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026