Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-112387. PoCs published by Siegfried.
AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in SPIP versions prior to and including 1.8.2-e and 1.9 alpha 2. It includes example URIs demonstrating the exploitation of these vulnerabilities to extract password hashes from the database.
Description
SPIP 1.8/1.9 - Multiple SQL Injections
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Siegfried · textwebappsphp
https://www.exploit-db.com/exploits/27157
The provided text describes SQL injection vulnerabilities in SPIP versions prior to and including 1.8.2-e and 1.9 alpha 2. It includes example URIs demonstrating the exploitation of these vulnerabilities to extract password hashes from the database.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
SPIP <= 1.8.2-e, 1.9 alpha 2
No auth needed
Prerequisites:
Access to the target SPIP forum.php3 endpoint
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026