EIP-2026-113071

PRE-CVE

VicBlog - Multiple SQL Injections

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113071. PoCs published by Geek.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in VicBlog, where user-supplied input is not properly sanitized before being used in SQL queries. The example demonstrates how an attacker could exploit this by injecting malicious SQL via the 'tag' or 'updated_max' parameters in the URL.

Description

VicBlog - Multiple SQL Injections

Exploits (1)

exploitdb WRITEUP VERIFIED
by Geek · textwebappsphp
https://www.exploit-db.com/exploits/37979

The provided text describes a SQL injection vulnerability in VicBlog, where user-supplied input is not properly sanitized before being used in SQL queries. The example demonstrates how an attacker could exploit this by injecting malicious SQL via the 'tag' or 'updated_max' parameters in the URL.

Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: VicBlog (version not specified)
No auth needed
Prerequisites: Access to the vulnerable VicBlog application
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026