EIP-2026-112494
PRE-CVESupport Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-112494. PoCs published by John Jefferson Li.
AI-analyzed exploit summary The exploit demonstrates multiple unauthenticated SQL injection vulnerabilities in Support Board 3.3.3 via crafted POST requests to ajax.php. It includes error-based and time-based SQLi payloads targeting parameters like status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id.
Description
Support Board 3.3.3 - 'Multiple' SQL Injection (Unauthenticated)
Exploits (1)
The exploit demonstrates multiple unauthenticated SQL injection vulnerabilities in Support Board 3.3.3 via crafted POST requests to ajax.php. It includes error-based and time-based SQLi payloads targeting parameters like status_code, department, user_id, conversation_id, conversation_status_code, and recipient_id.