EIP-2026-111865

PRE-CVE

Sad Raven's Click Counter 1.0 - 'passwd.dat' File Disclosure

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-111865. PoCs published by Pouya_Server.

AI-analyzed exploit summary This exploit targets Sad Raven's Click Counter v1.0 by directly accessing the 'passwd.dat' file, which contains admin credentials in plaintext or MD5 format. It retrieves and displays the admin username and password by reading the file via a crafted URL.

Description

Sad Raven's Click Counter 1.0 - 'passwd.dat' File Disclosure

Exploits (1)

exploitdb WORKING POC VERIFIED
by Pouya_Server · pythonwebappsphp
https://www.exploit-db.com/exploits/7844

This exploit targets Sad Raven's Click Counter v1.0 by directly accessing the 'passwd.dat' file, which contains admin credentials in plaintext or MD5 format. It retrieves and displays the admin username and password by reading the file via a crafted URL.

Classification
Working Poc 95%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Sad Raven's Click Counter v1.0
No auth needed
Prerequisites: Target must have Sad Raven's Click Counter v1.0 installed · The 'passwd.dat' file must be accessible via the web path
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026