Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
poll script vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2010-5004
SQL injection vulnerability in searchvote.php in 2daybiz Polls (aka Advanced Poll) Script allows remote malicious users to execute arbitrary SQL commands via the category parameter.
2daybiz Polls Script
1 EDB exploit
6.4
CVSSv2
CVE-2008-7045
AJ Square Free Polling Script (AJPoll) Database version allows remote malicious users to bypass authentication and reset poll votes via a direct request to admin/resetvote.php.
Ajsquare Free Polling Script
1 EDB exploit
4.3
CVSSv2
CVE-2012-6517
Multiple cross-site scripting (XSS) vulnerabilities in DiY-CMS 1.0 allow remote malicious users to inject arbitrary web script or HTML via the (1) question parameter to in /modules/poll/add.php or (2) question or (3) answer parameter to modules/poll/edit.php.
Diy-cms Diy-cms 1.0
1 EDB exploit
4.3
CVSSv2
CVE-2010-5045
Cross-site scripting (XSS) vulnerability in poll/default.asp in Smart ASP Survey allows remote malicious users to inject arbitrary web script or HTML via the catid parameter.
Sellatsite Smart Asp Survey
1 EDB exploit
4.3
CVSSv2
CVE-2013-4746
Cross-site scripting (XSS) vulnerability in the My quiz and poll (myquizpoll) extension prior to 2.0.6 for TYPO3 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Kurt Gusbeth Myquizpoll 1.1.0
Kurt Gusbeth Myquizpoll 1.0.0
Kurt Gusbeth Myquizpoll 0.2.0
Kurt Gusbeth Myquizpoll 0.1.6
Kurt Gusbeth Myquizpoll 0.1.4
Kurt Gusbeth Myquizpoll 0.4.0
Kurt Gusbeth Myquizpoll 0.3.0
Kurt Gusbeth Myquizpoll 0.2.2
Kurt Gusbeth Myquizpoll 0.2.1
Kurt Gusbeth Myquizpoll
Kurt Gusbeth Myquizpoll 1.3.0
Kurt Gusbeth Myquizpoll 0.1.3
Kurt Gusbeth Myquizpoll 0.1.2
Kurt Gusbeth Myquizpoll 0.1.1
Kurt Gusbeth Myquizpoll 1.2.0
Kurt Gusbeth Myquizpoll 1.0.1
Kurt Gusbeth Myquizpoll 0.1.7
Kurt Gusbeth Myquizpoll 0.1.5
4.3
CVSSv2
CVE-2015-1052
Cross-site scripting (XSS) vulnerability in the poll archive in PHPKIT 1.6.6 (Build 160014) allows remote malicious users to inject arbitrary web script or HTML via the result parameter to upload_files/pk/include.php.
Phpkit Phpkit 1.6.6
4.3
CVSSv2
CVE-2006-0198
Cross-site scripting (XSS) vulnerability in a certain module, possibly poll or Pool, for XOOPS allows remote malicious users to inject arbitrary web script or HTML via JavaScript in the SRC attribute of an IMG element in a comment.
Xoops Xoops Pool Module
1 EDB exploit
4.3
CVSSv2
CVE-2011-5211
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote malicious users to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
Intelliants Subrion Cms 2.0.4
1 EDB exploit
6.4
CVSSv2
CVE-2011-5090
GR Board (aka grboard) 1.8.6.5 Community Edition does not require authentication for certain database actions, which allows remote malicious users to modify or delete data via a request to (1) mod_rewrite.php, (2) comment_write_ok.php, (3) poll/index.php, (4) update/index.php, (5...
Grboard Grboard 1.8.6.5
4.3
CVSSv2
CVE-2010-2281
Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote malicious users to inject arbitrary web script or HTML via the (1) keyword or (2) bannerid parameter in conjunction with a /admin/ad/banner/list PATH_INFO; and allow remote authentica...
Tomatocms Tomatocms 2.0.6
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »