EIP-2026-112508

PRE-CVE

SweetRice 1.5.1 - Backup Disclosure

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112508. PoCs published by Ashiyane Digital Security Team.

AI-analyzed exploit summary This exploit discloses the presence of unprotected backup files in SweetRice 1.5.1, allowing unauthorized access to MySQL backups and website file backups via direct URL access.

Description

SweetRice 1.5.1 - Backup Disclosure

Exploits (1)

exploitdb WORKING POC VERIFIED

by Ashiyane Digital Security Team · textwebappsphp

https://www.exploit-db.com/exploits/40718

View Code ZIP pw:eip

This exploit discloses the presence of unprotected backup files in SweetRice 1.5.1, allowing unauthorized access to MySQL backups and website file backups via direct URL access.

Classification

Working Poc 100%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: SweetRice 1.5.1

No auth needed

Prerequisites: Network access to the target server · SweetRice 1.5.1 installed with default backup directory configurations

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026