RSS   Vulnerabilities for 'Polls script'   RSS

2011-11-02
 
CVE-2010-5004

CWE-89
 

 
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote attackers to execute arbitrary SQL commands via the category parameter.

 
2010-05-04
 
CVE-2010-1704

CWE-89
 

 
Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login field (aka email parameter) to login.php, (3) the password field (aka pass parameter) to the default URI under admin/, and possibly (4) the login field to the default URI under admin/. NOTE: some of these details are obtained from third party information.

 
 
CVE-2010-1703

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in index_search.php in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to inject arbitrary web script or HTML via the (1) category parameter or (2) search field.

 

 >>> Vendor: 2daybiz 13 Products
Business community script
Template monster clone
Custom t-shirt design script
Polls script
Auction script
Video community portal script
Web template software
Multi level marketing software
Matrimonial script
Job search engine script
Job site script
Network community script
Online classified script


Copyright 2021, cxsecurity.com

 

Back to Top