EIP-2026-112920

PRE-CVE

URL Shortener Script 1.0 - SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-112920. PoCs published by M.Jock3R.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in the 'url shortener script 1.0' due to improper sanitization of the 'id' parameter in show.php. The exploit demonstrates how an attacker can inject malicious SQL queries via the 'id' parameter.

Description

URL Shortener Script 1.0 - SQL Injection

Exploits (1)

exploitdb WRITEUP

by M.Jock3R · textwebappsphp

https://www.exploit-db.com/exploits/17937

View Code ZIP pw:eip

This is a writeup describing a SQL injection vulnerability in the 'url shortener script 1.0' due to improper sanitization of the 'id' parameter in show.php. The exploit demonstrates how an attacker can inject malicious SQL queries via the 'id' parameter.

Classification

Writeup 80%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: url shortener script 1.0

No auth needed

Prerequisites: Access to the vulnerable 'show.php' endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026