EIP-2026-113021

PRE-CVE

vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113021. PoCs published by Technidev.

AI-analyzed exploit summary This is a detailed technical writeup describing multiple vulnerabilities in vBulletin MicroCART 1.1.4, including arbitrary file deletion, SQL injection, and XSS. It provides code snippets and exploitation steps but does not include functional exploit code.

Description

vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting

Exploits (1)

exploitdb WRITEUP
by Technidev · textwebappsphp
https://www.exploit-db.com/exploits/35733

This is a detailed technical writeup describing multiple vulnerabilities in vBulletin MicroCART 1.1.4, including arbitrary file deletion, SQL injection, and XSS. It provides code snippets and exploitation steps but does not include functional exploit code.

Classification
Writeup 95%
Attack Type
Sqli | Xss | Other
Complexity
Trivial
Reliability
Reliable
Target: vBulletin MicroCART 1.1.4
No auth needed
Prerequisites: Access to the target server's web interface
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026