EIP-2026-112814

PRE-CVE

Tutorials Manager 1.0 - Multiple SQL Injections

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112814. PoCs published by Hillel Himovich.

AI-analyzed exploit summary The document describes multiple SQL injection vulnerabilities in Tutorials Manager, detailing specific URLs and input vectors that can be exploited to manipulate query logic, potentially leading to unauthorized access or data corruption. It also includes an example of an authentication bypass via SQL injection in the admin.php script.

Description

Tutorials Manager 1.0 - Multiple SQL Injections

Exploits (1)

exploitdb WRITEUP VERIFIED
by Hillel Himovich · textwebappsphp
https://www.exploit-db.com/exploits/24104

The document describes multiple SQL injection vulnerabilities in Tutorials Manager, detailing specific URLs and input vectors that can be exploited to manipulate query logic, potentially leading to unauthorized access or data corruption. It also includes an example of an authentication bypass via SQL injection in the admin.php script.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: Tutorials Manager
No auth needed
Prerequisites: Access to the vulnerable web application
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026