EIP-2026-113070

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113070. PoCs published by Eyup CELIK.

AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in VicBlog, where the 'tag' parameter in the URL is not properly sanitized, allowing attackers to manipulate SQL queries. The example demonstrates a basic SQLi payload but lacks functional exploit code.

Description

VicBlog - 'tag' SQL Injection

Exploits (1)

exploitdb WRITEUP VERIFIED

by Eyup CELIK · textwebappsphp

https://www.exploit-db.com/exploits/36081

View Code ZIP pw:eip

The provided text describes an SQL injection vulnerability in VicBlog, where the 'tag' parameter in the URL is not properly sanitized, allowing attackers to manipulate SQL queries. The example demonstrates a basic SQLi payload but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: VicBlog (version unspecified)

No auth needed

Prerequisites: Access to the VicBlog web application

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

VicBlog - 'tag' SQL Injection

Exploitation Summary

Description

Exploits (1)

Details