Published: 09/03/2011 Updated: 09/10/2018

CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6

VMScore: 585

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Multiple directory traversal vulnerabilities in FocalMedia.Net Quick Polls prior to 1.0.2 allow remote malicious users to (1) read arbitrary files via a .. (dot dot) in the p parameter in a preview action to index.php, or (2) delete arbitrary files via a .. (dot dot) in the p parameter in a delete action to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
focalmedia.net quick polls

'Quick Polls' Local File Inclusion & Deletion Vulnerabilities (CVE-2011-1099) Mark Stanislav - markstanislav@gmailcom I DESCRIPTION --------------------------------------- Two vulnerabilities exist in 'Quick Polls' providing local file inclusion & local file deletion due to null-byte attacks against functions in indexphp II TESTE ...

Quick Polls version 101 suffers from local file inclusion and deletion vulnerabilities ...

CWE-22 http://www.exploit-db.com/exploits/16933 http://www.securityfocus.com/bid/46770 http://www.uncompiled.com/2011/03/quick-polls-local-file-inclusion-deletion-vulnerabilities-cve-2011-1099/http://secunia.com/advisories/43599 http://osvdb.org/71028 http://securityreason.com/securityalert/8121 https://exchange.xforce.ibmcloud.com/vulnerabilities/65947 http://www.securityfocus.com/archive/1/516873/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/16933/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2011-1099

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect