EIP-2026-116530

PRE-CVE

Webmoney Advisor - ActiveX Remote Denial of Service

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116530. PoCs published by Go0o$E.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in WebMoney Advisor's wmadvisor.dll via an ActiveX control. It uses VBScript to call the 'Redirect' method with an overly long string argument to trigger the overflow.

Description

Webmoney Advisor - ActiveX Remote Denial of Service

Exploits (1)

exploitdb WORKING POC VERIFIED

by Go0o$E · htmldoswindows

https://www.exploit-db.com/exploits/12431

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in WebMoney Advisor's wmadvisor.dll via an ActiveX control. It uses VBScript to call the 'Redirect' method with an overly long string argument to trigger the overflow.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: WebMoney Advisor (version not specified)

No auth needed

Prerequisites: Victim must have WebMoney Advisor installed · ActiveX controls must be enabled in the browser

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026