admin/index.php in Advanced Poll 2.0.0 up to and including 2.0.5-dev allows remote malicious users to bypass authentication and gain administrator privileges by obtaining a valid session identifier and setting the uid parameter to 1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
advanced poll advanced poll 2.0.3 |
||
advanced poll advanced poll 2.0.4 |
||
advanced poll advanced poll 2.0.2 |
||
advanced poll advanced poll 2.0.5 |