EIP-2026-111856

PRE-CVE

S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111856. PoCs published by pentesters.ir.

AI-analyzed exploit summary This exploit is an HTML form that demonstrates an authentication bypass vulnerability in S40 CMS v0.4.1 beta. It allows remote attackers to change the admin username and password by submitting a crafted POST request to the settings page without proper authentication.

Description

S40 CMS 0.4.1 - Cross-Site Request Forgery (Change Admin Password)

Exploits (1)

exploitdb WORKING POC

by pentesters.ir · htmlwebappsphp

https://www.exploit-db.com/exploits/15902

View Code ZIP pw:eip

This exploit is an HTML form that demonstrates an authentication bypass vulnerability in S40 CMS v0.4.1 beta. It allows remote attackers to change the admin username and password by submitting a crafted POST request to the settings page without proper authentication.

Classification

Working Poc 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: S40 CMS v0.4.1 beta

No auth needed

Prerequisites: Access to the target admin panel URL

MITRE ATT&CK

T1110.001 - Password Guessing T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026