EIP-2026-112199

PRE-CVE

SjXjV 2.3 - 'post.php' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112199. PoCs published by 599eme Man.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in SjXjV 2.3 via the 'tid' parameter in post.php. The PoC includes payloads to extract table names and database version, confirming the vulnerability.

Description

SjXjV 2.3 - 'post.php' SQL Injection

Exploits (1)

exploitdb WORKING POC VERIFIED

by 599eme Man · textwebappsphp

https://www.exploit-db.com/exploits/36269

View Code ZIP pw:eip

This exploit demonstrates an SQL injection vulnerability in SjXjV 2.3 via the 'tid' parameter in post.php. The PoC includes payloads to extract table names and database version, confirming the vulnerability.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: SjXjV 2.3

No auth needed

Prerequisites: Access to the vulnerable endpoint · Basic knowledge of SQL injection techniques

MITRE ATT&CK

T1105 - Ingress Tool Transfer T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026