EIP-2026-112799

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112799. PoCs published by IHTeam.

AI-analyzed exploit summary This document details multiple vulnerabilities in TS Special Edition <= v7.0, including information disclosure (MySQL credentials and config files), client-side manipulation (bypassing vote system via HTML source editing), and unauthorized data access (viewing user torrent activities via JavaScript injection). No functional exploit code is provided, but technical steps are described.

Description

TS Special Edition 7.0 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by IHTeam · textwebappsphp

https://www.exploit-db.com/exploits/12645

View Code ZIP pw:eip

This document details multiple vulnerabilities in TS Special Edition <= v7.0, including information disclosure (MySQL credentials and config files), client-side manipulation (bypassing vote system via HTML source editing), and unauthorized data access (viewing user torrent activities via JavaScript injection). No functional exploit code is provided, but technical steps are described.

Classification

Writeup 90%

Attack Type

Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: TS Special Edition <= v7.0

No auth needed

Prerequisites: Access to userdetails.php or details.php · Ability to modify client-side HTML (e.g., via FireBug)

MITRE ATT&CK

T1119 - Automated Collection T1552 - Unsecured Credentials

devstral-2 · analyzed Feb 18, 2026 Full analysis →

TS Special Edition 7.0 - Multiple Vulnerabilities

Exploitation Summary

Description

Exploits (1)

Details