EIP-2026-112237

PRE-CVE

Smart Vision Script News - 'newsdetail.php' SQL Injection (1)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112237. PoCs published by Err0R.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Smart Vision Script News (newsdetail) by manipulating the 'id' parameter to extract user credentials. The PoC includes specific queries to dump usernames and passwords from the database.

Description

Smart Vision Script News - 'newsdetail.php' SQL Injection (1)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Err0R · textwebappsphp

https://www.exploit-db.com/exploits/10977

View Code ZIP pw:eip

This exploit demonstrates a SQL injection vulnerability in Smart Vision Script News (newsdetail) by manipulating the 'id' parameter to extract user credentials. The PoC includes specific queries to dump usernames and passwords from the database.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Smart Vision Script News (version unspecified)

No auth needed

Prerequisites: Target application with vulnerable 'newsdetail.php' endpoint · Database with accessible user_accounts table

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026