EIP-2026-111233
PRE-CVEphpvidz 0.9.5 - Administrative Credentials Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111233. PoCs published by Michael Brooks.
AI-analyzed exploit summary This exploit discloses a vulnerability in phpvidz 0.9.5 where administrative credentials are stored in a flat file (init.inc) accessible via direct URL access. The default password is exposed, allowing unauthorized admin access.
Description
phpvidz 0.9.5 - Administrative Credentials Disclosure
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Michael Brooks · textwebappsphp
https://www.exploit-db.com/exploits/15606
This exploit discloses a vulnerability in phpvidz 0.9.5 where administrative credentials are stored in a flat file (init.inc) accessible via direct URL access. The default password is exposed, allowing unauthorized admin access.
Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
phpvidz 0.9.5
No auth needed
Prerequisites:
Access to the target URL
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026