EIP-2026-111570

PRE-CVE

PTC Site's - Remote Code Execution / Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111570. PoCs published by CrazyMember.

AI-analyzed exploit summary This is a writeup describing an RCE/XSS vulnerability in PTC Site's software, where the 'ref' parameter in the help page is vulnerable to command injection and XSS. The document provides example URLs but lacks actual exploit code.

Description

PTC Site's - Remote Code Execution / Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP VERIFIED
by CrazyMember · textwebappsphp
https://www.exploit-db.com/exploits/12808

This is a writeup describing an RCE/XSS vulnerability in PTC Site's software, where the 'ref' parameter in the help page is vulnerable to command injection and XSS. The document provides example URLs but lacks actual exploit code.

Classification
Writeup 80%
Attack Type
Rce | Xss
Complexity
Trivial
Reliability
Theoretical
Target: PTC Site's software (version unspecified)
No auth needed
Prerequisites: Access to the vulnerable endpoint · Parameter manipulation capability
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026