RSS   Vulnerabilities for 'Poll script'   RSS

2007-08-14
 
CVE-2007-4339

CWE-94
 

 
Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php.

 

 >>> Vendor: Phpcentral 2 Products
Poll script
Login


Copyright 2024, cxsecurity.com

 

Back to Top