EIP-2026-112482

PRE-CVE

SuperCali PHP Event Calendar - Arbitrary Change Admin Password

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112482. PoCs published by TiGeR-Dz.

AI-analyzed exploit summary This exploit describes an arbitrary password change vulnerability in SuperCali PHP Event Calendar. It provides steps to access the password change functionality without proper authentication.

Description

SuperCali PHP Event Calendar - Arbitrary Change Admin Password

Exploits (1)

exploitdb WRITEUP VERIFIED

by TiGeR-Dz · textwebappsphp

https://www.exploit-db.com/exploits/8874

View Code ZIP pw:eip

This exploit describes an arbitrary password change vulnerability in SuperCali PHP Event Calendar. It provides steps to access the password change functionality without proper authentication.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: SuperCali PHP Event Calendar

No auth needed

Prerequisites: Access to the login and user_profile pages

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026