EIP-2026-113088

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113088. PoCs published by seceurityoverun.

AI-analyzed exploit summary The analysis describes an SQL injection vulnerability in VideoDB's borrow.php due to improper use of addslashes, which can be bypassed with multibyte encoding. The author provides code snippets and discusses the potential impact, including database content overwrite and information disclosure.

Description

VideoDB 3.1.0 - SQL Injection

Exploits (1)

exploitdb WRITEUP VERIFIED

by seceurityoverun · textwebappsphp

https://www.exploit-db.com/exploits/17660

View Code ZIP pw:eip

The analysis describes an SQL injection vulnerability in VideoDB's borrow.php due to improper use of addslashes, which can be bypassed with multibyte encoding. The author provides code snippets and discusses the potential impact, including database content overwrite and information disclosure.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Moderate

Reliability

Theoretical

Target: VideoDB (version not specified, likely older versions)

Auth required

Prerequisites: Access to borrow.php with a vulnerable diskid parameter · Authentication with sufficient permissions

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

VideoDB 3.1.0 - SQL Injection

Exploitation Summary

Description

Exploits (1)

Details