EIP-2026-112072

PRE-CVE

Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112072. PoCs published by Sentinal920.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Simple Client Management System 1.0 via the 'lastname' and 'remarks' parameters. It includes detailed HTTP requests with payloads that trigger the vulnerability.

Description

Simple Client Management System 1.0 - 'multiple' Stored Cross-Site Scripting (XSS)

Exploits (1)

exploitdb WORKING POC

by Sentinal920 · textwebappsphp

https://www.exploit-db.com/exploits/50498

View Code ZIP pw:eip

This exploit demonstrates a stored XSS vulnerability in Simple Client Management System 1.0 via the 'lastname' and 'remarks' parameters. It includes detailed HTTP requests with payloads that trigger the vulnerability.

Classification

Working Poc 95%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Simple Client Management System 1.0

Auth required

Prerequisites: Access to the admin panel · Valid session cookie

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026