EIP-2026-111865
PRE-CVESad Raven's Click Counter 1.0 - 'passwd.dat' File Disclosure
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-111865. PoCs published by Pouya_Server.
AI-analyzed exploit summary This exploit targets Sad Raven's Click Counter v1.0 by directly accessing the 'passwd.dat' file, which contains admin credentials in plaintext or MD5 format. It retrieves and displays the admin username and password by reading the file via a crafted URL.
Description
Sad Raven's Click Counter 1.0 - 'passwd.dat' File Disclosure
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Pouya_Server · pythonwebappsphp
https://www.exploit-db.com/exploits/7844
This exploit targets Sad Raven's Click Counter v1.0 by directly accessing the 'passwd.dat' file, which contains admin credentials in plaintext or MD5 format. It retrieves and displays the admin username and password by reading the file via a crafted URL.
Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Sad Raven's Click Counter v1.0
No auth needed
Prerequisites:
Target must have Sad Raven's Click Counter v1.0 installed · The 'passwd.dat' file must be accessible via the web path
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026