Exploitation Summary
EIP tracks 1 public exploit for EIP-2026-113254. PoCs published by lwang.
AI-analyzed exploit summary The provided text describes SQL injection vulnerabilities in WebCalendar version 1.0.1, with example URLs demonstrating the injection points. It lacks functional exploit code but provides technical details about the vulnerability.
Description
WebCalendar 1.0.1 - Multiple SQL Injections
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by lwang · textwebappsphp
https://www.exploit-db.com/exploits/26687
The provided text describes SQL injection vulnerabilities in WebCalendar version 1.0.1, with example URLs demonstrating the injection points. It lacks functional exploit code but provides technical details about the vulnerability.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
WebCalendar 1.0.1
No auth needed
Prerequisites:
Access to the vulnerable WebCalendar instance
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026