EIP-2026-111570
PRE-CVEPTC Site's - Remote Code Execution / Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111570. PoCs published by CrazyMember.
AI-analyzed exploit summary This is a writeup describing an RCE/XSS vulnerability in PTC Site's software, where the 'ref' parameter in the help page is vulnerable to command injection and XSS. The document provides example URLs but lacks actual exploit code.
Description
PTC Site's - Remote Code Execution / Cross-Site Scripting
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by CrazyMember · textwebappsphp
https://www.exploit-db.com/exploits/12808
This is a writeup describing an RCE/XSS vulnerability in PTC Site's software, where the 'ref' parameter in the help page is vulnerable to command injection and XSS. The document provides example URLs but lacks actual exploit code.
Classification
Writeup 80%
Attack Type
Rce | Xss
Complexity
Trivial
Reliability
Theoretical
Target:
PTC Site's software (version unspecified)
No auth needed
Prerequisites:
Access to the vulnerable endpoint · Parameter manipulation capability
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026