EIP-2026-112690
PRE-CVETime Slot Booking Calendar 1.8 - Stored Cross-Site Scripting (XSS)
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-112690. PoCs published by CraCkEr.
AI-analyzed exploit summary This is a writeup detailing a stored XSS vulnerability in Time Slot Booking Calendar 1.8. It describes how an attacker can inject malicious scripts into multiple POST parameters, which are then executed when an admin views specific pages.
Description
Time Slot Booking Calendar 1.8 - Stored Cross-Site Scripting (XSS)
Exploits (1)
exploitdb
WRITEUP
by CraCkEr · textwebappsphp
https://www.exploit-db.com/exploits/51558
This is a writeup detailing a stored XSS vulnerability in Time Slot Booking Calendar 1.8. It describes how an attacker can inject malicious scripts into multiple POST parameters, which are then executed when an admin views specific pages.
Classification
Writeup 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Time Slot Booking Calendar 1.8
No auth needed
Prerequisites:
Access to the booking form · Admin interaction with the dashboard or booking pages
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026