EIP-2026-112429

PRE-CVE

Steam Profile Integration 2.0.11 - SQL injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112429. PoCs published by DrWhat.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in IPS Community Suite's Steam Profile Integration plugin (versions 2.0.11 and below). The vulnerability arises from unsanitized user input in the 'id' parameter, which is directly used in a SQL query, allowing for arbitrary SQL command execution.

Description

Steam Profile Integration 2.0.11 - SQL injection

Exploits (1)

exploitdb WORKING POC
by DrWhat · textwebappsphp
https://www.exploit-db.com/exploits/41617

This exploit demonstrates a SQL injection vulnerability in IPS Community Suite's Steam Profile Integration plugin (versions 2.0.11 and below). The vulnerability arises from unsanitized user input in the 'id' parameter, which is directly used in a SQL query, allowing for arbitrary SQL command execution.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: IPS Community Suite - Steam Profile Integration 2.0.11 and below
Auth required
Prerequisites: Valid user account with access to the vulnerable endpoint · CSRF token
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026