Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-111654. PoCs published by b3.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in QWERTY CMS lite via the 'id' parameter in index.php. The provided payload extracts data from the administrator table, including password hashes, without requiring authentication.
Description
Qwerty CMS - 'id' SQL Injection
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by b3 · textwebappsphp
https://www.exploit-db.com/exploits/8104
This exploit demonstrates a SQL injection vulnerability in QWERTY CMS lite via the 'id' parameter in index.php. The provided payload extracts data from the administrator table, including password hashes, without requiring authentication.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
QWERTY CMS lite
No auth needed
Prerequisites:
Access to the target URL with the vulnerable parameter
mistral-large-3 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026