EIP-2026-112302

PRE-CVE

Social Site Generator 2.2 - Cross-Site Request Forgery (Add Admin)

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112302. PoCs published by Fallaga.

AI-analyzed exploit summary This exploit is an HTML form that submits a POST request to add an admin user to a vulnerable 'social generator' script. It bypasses authentication by directly submitting credentials to the admin panel.

Description

Social Site Generator 2.2 - Cross-Site Request Forgery (Add Admin)

Exploits (1)

exploitdb WORKING POC
by Fallaga · textwebappsphp
https://www.exploit-db.com/exploits/25245

This exploit is an HTML form that submits a POST request to add an admin user to a vulnerable 'social generator' script. It bypasses authentication by directly submitting credentials to the admin panel.

Classification
Working Poc 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Social Site Generator Script 2.2
No auth needed
Prerequisites: Access to the target admin panel URL
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026