EIP-2026-113221

PRE-CVE

Web Poll Pro 1.0.3 - 'error' HTML Injection

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-113221. PoCs published by Hector.x90.

AI-analyzed exploit summary This is a functional HTML injection (XSS) exploit for Web Poll Pro 1.0.3. It demonstrates how unsanitized user input in the 'error' parameter can be leveraged to execute arbitrary JavaScript in the context of the affected site.

Description

Web Poll Pro 1.0.3 - 'error' HTML Injection

Exploits (1)

exploitdb WORKING POC VERIFIED

by Hector.x90 · textwebappsphp

https://www.exploit-db.com/exploits/35479

View Code ZIP pw:eip

This is a functional HTML injection (XSS) exploit for Web Poll Pro 1.0.3. It demonstrates how unsanitized user input in the 'error' parameter can be leveraged to execute arbitrary JavaScript in the context of the affected site.

Classification

Working Poc 95%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Web Poll Pro 1.0.3

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026