EIP-2026-118217

PRE-CVE

123 FlashChat 7.8 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118217. PoCs published by Lincoln.

AI-analyzed exploit summary This is a writeup detailing multiple vulnerabilities in 123 Flashchat version 7.8, including directory traversal, XSS, cleartext password transmission, and an open crossdomain policy. It provides URLs and HTTP requests to demonstrate the vulnerabilities but does not include executable exploit code.

Description

123 FlashChat 7.8 - Multiple Vulnerabilities

Exploits (1)

exploitdb WRITEUP VERIFIED

by Lincoln · textremotewindows

https://www.exploit-db.com/exploits/14658

View Code ZIP pw:eip

This is a writeup detailing multiple vulnerabilities in 123 Flashchat version 7.8, including directory traversal, XSS, cleartext password transmission, and an open crossdomain policy. It provides URLs and HTTP requests to demonstrate the vulnerabilities but does not include executable exploit code.

Classification

Writeup 90%

Attack Type

Info Leak | Xss | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: 123 Flashchat version 7.8

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1006 - Direct Volume Access T1059.007 - JavaScript T1040 - Network Sniffing

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026