EIP-2026-114500

PRE-CVE

YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114500. PoCs published by Pr@fesOr X.

AI-analyzed exploit summary This document details multiple vulnerabilities in YaCOMAS 0.3.6, including XSS, directory listing disclosure, and brute force attack risks. It provides specific attack vectors and payloads but lacks functional exploit code.

Description

YaCOMAS 0.3.6 Alpha - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP

by Pr@fesOr X · textwebappsphp

https://www.exploit-db.com/exploits/17076

View Code ZIP pw:eip

This document details multiple vulnerabilities in YaCOMAS 0.3.6, including XSS, directory listing disclosure, and brute force attack risks. It provides specific attack vectors and payloads but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Xss | Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: YaCOMAS 0.3.6

No auth needed

Prerequisites: Access to the target web application

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application T1110 - Brute Force

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026