RSS   Vulnerabilities for 'Good/bad vote'   RSS

2010-03-10
 
CVE-2009-4683

CWE-22
 

 
Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote action. NOTE: some of these details are obtained from third party information.

 
 
CVE-2009-4682

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in vote.php in Good/Bad Vote allows remote attackers to inject arbitrary web script or HTML via the id parameter in a vote action.

 

 >>> Vendor: Scriptsez 15 Products
Cute guestbook
Ez ringtone manager
Random php quote
Smart php subscriber
Power editor
Freeze greetings
Easy image downloader
Mini hosting panel
Ez php comment
Ultimate poll
Ez cart
Ez blog
Ez poll hoster
Good/bad vote
Ez album


Copyright 2024, cxsecurity.com

 

Back to Top