EIP-2026-119504

PRE-CVE

XAMPP Control Panel 3.2.2 - Denial of Service (PoC)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-119504. PoCs published by Gionathan Reale.

AI-analyzed exploit summary This exploit demonstrates a Denial of Service (DoS) vulnerability in XAMPP Control Panel 3.2.2 by overflowing a buffer in the configuration fields. The script generates a large payload of 'A' characters and writes it to a file, which when pasted into the 'Editor' and 'Browser' fields causes the application to crash.

Description

XAMPP Control Panel 3.2.2 - Denial of Service (PoC)

Exploits (1)

exploitdb WORKING POC VERIFIED

by Gionathan Reale · pythondoswindows_x86

https://www.exploit-db.com/exploits/45419

View Code ZIP pw:eip

This exploit demonstrates a Denial of Service (DoS) vulnerability in XAMPP Control Panel 3.2.2 by overflowing a buffer in the configuration fields. The script generates a large payload of 'A' characters and writes it to a file, which when pasted into the 'Editor' and 'Browser' fields causes the application to crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: XAMPP Control Panel 3.2.2

No auth needed

Prerequisites: XAMPP Control Panel 3.2.2 installed on Windows · Access to the configuration interface

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026