EIP-2026-112196

PRE-CVE

siu guarani - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112196. PoCs published by Ubik & proudhon.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in SIU Guarani, including SQL injection, blind SQL injection, and file upload flaws. It provides functional Python scripts to exploit these vulnerabilities, leveraging session fixation and Informix-specific SQL techniques.

Description

siu guarani - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ubik & proudhon · textwebappsphp

https://www.exploit-db.com/exploits/7381

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in SIU Guarani, including SQL injection, blind SQL injection, and file upload flaws. It provides functional Python scripts to exploit these vulnerabilities, leveraging session fixation and Informix-specific SQL techniques.

Classification

Working Poc 95%

Attack Type

Sqli | Info Leak | Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: SIU Guarani (version not specified)

Auth required

Prerequisites: Valid PHP session ID (phpsessid) · Network access to the target server

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026