EIP-2026-112001

PRE-CVE

Serenity Client Management Portal 1.0.1 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112001. PoCs published by Halil Dalabasmaz.

AI-analyzed exploit summary This is a technical writeup describing multiple vulnerabilities in Serenity Client Management Portal v1.0.1, including unrestricted file upload and stored XSS. It provides specific attack vectors and payloads but does not include functional exploit code.

Description

Serenity Client Management Portal 1.0.1 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Halil Dalabasmaz · textwebappsphp

https://www.exploit-db.com/exploits/35197

View Code ZIP pw:eip

This is a technical writeup describing multiple vulnerabilities in Serenity Client Management Portal v1.0.1, including unrestricted file upload and stored XSS. It provides specific attack vectors and payloads but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Serenity Client Management Portal v1.0.1

Auth required

Prerequisites: Valid credentials to access the profile section

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026