EIP-2026-119450

PRE-CVE

VideoInsight WebClient 5 - SQL Injection

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119450. PoCs published by vosec.

AI-analyzed exploit summary This exploit demonstrates an unauthenticated SQL injection vulnerability in VideoInsight WebClient 5, allowing remote code execution via crafted input in the username field. The PoC includes payloads for time-based delay and command execution using xp_cmdshell.

Description

VideoInsight WebClient 5 - SQL Injection

Exploits (1)

exploitdb WORKING POC
by vosec · textwebappswindows
https://www.exploit-db.com/exploits/44917

This exploit demonstrates an unauthenticated SQL injection vulnerability in VideoInsight WebClient 5, allowing remote code execution via crafted input in the username field. The PoC includes payloads for time-based delay and command execution using xp_cmdshell.

Classification
Working Poc 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Reliable
Target: VideoInsight WebClient 5
No auth needed
Prerequisites: Access to the web login page
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026