Vulnerability CVE-2007-4101


Published: 2007-07-31   Modified: 2012-02-12

Description:
Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 allow remote attackers to execute arbitrary PHP code via the Madoa parameter to (1) index.php, (2) vote.php, and (3) admin.php.

See advisories in our WLB2 database:
Topic
Author
Date
High
Madoa Poll v1.1 Remote File Include Vulnerabilities
ilker kandemir
02.08.2007

Vendor: Global centre
Product: Aplomb poll 
Version: 1.1;

CVSS2 => (AV:N/AC:M/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://securityreason.com/securityalert/2937
http://www.attrition.org/pipermail/vim/2007-July/001739.html
http://www.securityfocus.com/archive/1/475096/100/0/threaded
http://www.securityfocus.com/bid/25138

Copyright 2018, cxsecurity.com

 

Back to Top