EIP-2026-113062

PRE-CVE

ViArt Shop 4.0.5 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113062. PoCs published by Ariko-Security.

AI-analyzed exploit summary This advisory details multiple vulnerabilities in ViArt SHOP 4.0.5, including SQL injection, XSS, iFrame injection, link injection, and URL redirector abuse. It provides specific parameter names and affected files but lacks functional exploit code.

Description

ViArt Shop 4.0.5 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Ariko-Security · textwebappsphp

https://www.exploit-db.com/exploits/15572

View Code ZIP pw:eip

This advisory details multiple vulnerabilities in ViArt SHOP 4.0.5, including SQL injection, XSS, iFrame injection, link injection, and URL redirector abuse. It provides specific parameter names and affected files but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Sqli | Xss | Other

Complexity

Trivial

Reliability

Theoretical

Target: ViArt SHOP 4.0.5

No auth needed

Prerequisites: Access to vulnerable ViArt SHOP instance

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026