EIP-2026-100460

PRE-CVE

Ocean12 (Multiple Products) - 'Admin_ID' SQL Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-100460. PoCs published by Charalambous Glafkos.

AI-analyzed exploit summary The provided text describes an SQL injection vulnerability in Ocean12 FAQ Manager Pro and Poll Manager Pro due to insufficient input sanitization. The exploit vector is demonstrated via a crafted URL parameter (`Admin_ID`), but no functional exploit code is included.

Description

Ocean12 (Multiple Products) - 'Admin_ID' SQL Injection

Exploits (1)

exploitdb WRITEUP VERIFIED

by Charalambous Glafkos · textwebappsasp

https://www.exploit-db.com/exploits/32602

View Code ZIP pw:eip

The provided text describes an SQL injection vulnerability in Ocean12 FAQ Manager Pro and Poll Manager Pro due to insufficient input sanitization. The exploit vector is demonstrated via a crafted URL parameter (`Admin_ID`), but no functional exploit code is included.

Classification

Writeup 80%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: Ocean12 FAQ Manager Pro, Ocean12 Poll Manager Pro

No auth needed

Prerequisites: Access to the vulnerable login page

MITRE ATT&CK

T1189 - Drive-by Compromise T1505 - Server Software Component

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026