AJ Square Free Polling Script (AJPoll) allows remote attackers to bypass authentication and create new polls via a direct request to admin/include/newpoll.php, a different vector than CVE-2008-7045. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
Link | Resource |
---|---|
http://osvdb.org/49779 | |
http://secunia.com/advisories/32600 | Vendor Advisory |
Configurations
Information
Published : 2009-08-24 03:30
Updated : 2009-08-24 03:30
NVD link : CVE-2008-7046
Mitre link : CVE-2008-7046
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
ajsquare
- free_polling_script