EIP-2026-112843

PRE-CVE

UBBCentral UBB.Threads 5.5.1 - 'message' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112843. PoCs published by s4squatch.

AI-analyzed exploit summary This is a technical writeup detailing SQL injection vulnerabilities in UBBThreads, specifically targeting admin credentials stored in plaintext. It provides specific exploit paths and additional attack vectors like file uploads and database command execution.

Description

UBBCentral UBB.Threads 5.5.1 - 'message' SQL Injection

Exploits (1)

exploitdb WRITEUP VERIFIED

by s4squatch · textwebappsphp

https://www.exploit-db.com/exploits/8210

View Code ZIP pw:eip

This is a technical writeup detailing SQL injection vulnerabilities in UBBThreads, specifically targeting admin credentials stored in plaintext. It provides specific exploit paths and additional attack vectors like file uploads and database command execution.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: UBBThreads 5.5.1

No auth needed

Prerequisites: Access to the target UBBThreads installation

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026