CVE-2010-5004

2daybiz Polls - SQL Injection

Title source: llm

Description

SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Easy Laster · rubywebappsphp

https://www.exploit-db.com/exploits/14074

View Code ZIP pw:eip

References (2)

[Exploit] http://www.securityfocus.com/bid/41172

[Exploit] http://www.exploit-db.com/exploits/14074

Scores

EPSS 0.0025

EPSS Percentile 48.3%

Details

CWE

CWE-89

Status published

Products (1)

2daybiz/polls_script

Published Nov 02, 2011

Tracked Since Feb 18, 2026