EIP-2026-119355

PRE-CVE

Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119355. PoCs published by loneferret.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in Cyclope Employee Surveillance Solution, including Local File Include (LFI), SQL Injection (SQLi), and an authentication bypass to change the admin password. The PoCs are functional and include specific HTTP request examples.

Description

Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by loneferret · textwebappswindows

https://www.exploit-db.com/exploits/20545

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in Cyclope Employee Surveillance Solution, including Local File Include (LFI), SQL Injection (SQLi), and an authentication bypass to change the admin password. The PoCs are functional and include specific HTTP request examples.

Classification

Working Poc 90%

Attack Type

Sqli | Info Leak | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Cyclope Employee Surveillance Solution v6.0, 6.1.0, 6.2.0

Auth required

Prerequisites: Employee access to the application

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026