Description
SQL injection vulnerability in public/code/cp_polls_results.php in All In One Control Panel (AIOCP) 1.4 allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by ExSploiters · textwebappsphp
https://www.exploit-db.com/exploits/32537
exploitdb
WORKING POC
VERIFIED
by ExSploiters · textwebappsphp
https://www.exploit-db.com/exploits/6854
References (3)
Core 3
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
https://www.exploit-db.com/exploits/6854
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/32431
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4518
Scores
EPSS
0.0056
EPSS Percentile
68.3%
Details
CWE
CWE-89
Status
published
Products (2)
aiocp/aiocp
1.4.000
aiocp/aiocp
1.4.001
Published
Oct 29, 2008
Tracked Since
Feb 18, 2026