EIP-2026-113396

PRE-CVE

Wetransfer Clone Script - Authentication Bypass

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113396. PoCs published by Ihsan Sencan.

AI-analyzed exploit summary This is a technical writeup describing an SQL injection and authentication bypass vulnerability in Wetransfer Clone Script. It provides specific payloads for exploitation but lacks deeper technical analysis or code.

Description

Wetransfer Clone Script - Authentication Bypass

Exploits (1)

exploitdb WRITEUP

by Ihsan Sencan · textwebappsphp

https://www.exploit-db.com/exploits/41094

View Code ZIP pw:eip

This is a technical writeup describing an SQL injection and authentication bypass vulnerability in Wetransfer Clone Script. It provides specific payloads for exploitation but lacks deeper technical analysis or code.

Classification

Writeup 80%

Attack Type

Sqli | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Wetransfer Clone Script

No auth needed

Prerequisites: Access to the admin login page

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026