EIP-2026-112426
PRE-CVEStatsCode - Multiple Cross-Site Scripting Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-112426. PoCs published by 599eme Man.
AI-analyzed exploit summary This is a writeup describing a cross-site scripting (XSS) vulnerability in StatsCode. It provides example payloads for the login and password fields that can execute arbitrary JavaScript in the context of the affected site.
Description
StatsCode - Multiple Cross-Site Scripting Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by 599eme Man · textwebappsphp
https://www.exploit-db.com/exploits/34805
This is a writeup describing a cross-site scripting (XSS) vulnerability in StatsCode. It provides example payloads for the login and password fields that can execute arbitrary JavaScript in the context of the affected site.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
StatsCode (version not specified)
No auth needed
Prerequisites:
Access to the login page of the affected StatsCode application
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026