EIP-2026-114644

PRE-CVE

Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-114644. PoCs published by Subhadip Nag.

AI-analyzed exploit summary This exploit demonstrates multiple stored XSS vulnerabilities in Zoo Management System 1.0 by injecting malicious scripts into input fields (e.g., animal details, ticket management, and page descriptions). The payloads are stored and executed when accessed by other users.

Description

Zoo Management System 1.0 - 'Multiple' Persistent Cross-Site-Scripting (XSS)

Exploits (1)

exploitdb WORKING POC

by Subhadip Nag · textwebappsphp

https://www.exploit-db.com/exploits/50117

View Code ZIP pw:eip

This exploit demonstrates multiple stored XSS vulnerabilities in Zoo Management System 1.0 by injecting malicious scripts into input fields (e.g., animal details, ticket management, and page descriptions). The payloads are stored and executed when accessed by other users.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Zoo Management System 1.0

Auth required

Prerequisites: Access to admin panel · Valid credentials

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026