Published: 31/12/2003 Updated: 19/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote malicious users to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
advanced poll advanced poll 2.0.0
advanced poll advanced poll 2.0.1
advanced poll advanced poll 2.0.2

source: wwwsecurityfocuscom/bid/19105/info Advanced Poll is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application An attacker may leverage this issue to have an arbitrary remote file containing malicious script code execute in the context of the webserver process This ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/342493 http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txt http://www.securityfocus.com/bid/8890 http://www.osvdb.org/3291 http://secunia.com/advisories/10068 http://www.solpotcrew.org/adv/solpot-adv-02.txt http://www.securityfocus.com/bid/19105 http://www.osvdb.org/28988 https://exchange.xforce.ibmcloud.com/vulnerabilities/13514 http://www.securityfocus.com/archive/1/440780/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/28253/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-1179

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect