EIP-2026-113021
PRE-CVEvBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-113021. PoCs published by Technidev.
AI-analyzed exploit summary This is a detailed technical writeup describing multiple vulnerabilities in vBulletin MicroCART 1.1.4, including arbitrary file deletion, SQL injection, and XSS. It provides code snippets and exploitation steps but does not include functional exploit code.
Description
vBulletin MicroCART 1.1.4 - Arbitrary Files Deletion / SQL Injection / Cross-Site Scripting
Exploits (1)
exploitdb
WRITEUP
by Technidev · textwebappsphp
https://www.exploit-db.com/exploits/35733
This is a detailed technical writeup describing multiple vulnerabilities in vBulletin MicroCART 1.1.4, including arbitrary file deletion, SQL injection, and XSS. It provides code snippets and exploitation steps but does not include functional exploit code.
Classification
Writeup 95%
Attack Type
Sqli | Xss | Other
Complexity
Trivial
Reliability
Reliable
Target:
vBulletin MicroCART 1.1.4
No auth needed
Prerequisites:
Access to the target server's web interface
mistral-large-3 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026