EIP-2026-114522
PRE-CVEYellow Swordfish Simple Forum 1.7/1.9 - 'index.php' SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-114522. PoCs published by S@BUN.
AI-analyzed exploit summary The exploit demonstrates an SQL injection vulnerability in Simple Forum by injecting a UNION-based query to extract user credentials from the database. The payload is appended to the 'pagename' parameter and retrieves 'user_login' and 'user_pass' from the 'wp_users' table.
Description
Yellow Swordfish Simple Forum 1.7/1.9 - 'index.php' SQL Injection
Exploits (1)
The exploit demonstrates an SQL injection vulnerability in Simple Forum by injecting a UNION-based query to extract user credentials from the database. The payload is appended to the 'pagename' parameter and retrieves 'user_login' and 'user_pass' from the 'wp_users' table.