EIP-2026-114746
PRE-CVEClient Management System 1.1 - 'Search' SQL Injection
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-114746. PoCs published by BHAVESH KAUL.
AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Client Management System 1.1 via the 'search invoices' field in the admin panel. The payload ' OR 'x'='x bypasses authentication and retrieves all records, confirming the vulnerability.
Description
Client Management System 1.1 - 'Search' SQL Injection
Exploits (1)
exploitdb
WORKING POC
by BHAVESH KAUL · textwebappstru64
https://www.exploit-db.com/exploits/50008
This exploit demonstrates a SQL injection vulnerability in Client Management System 1.1 via the 'search invoices' field in the admin panel. The payload ' OR 'x'='x bypasses authentication and retrieves all records, confirming the vulnerability.
Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target:
Client Management System 1.1
Auth required
Prerequisites:
Admin credentials · Access to the admin panel
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026