CVE-2007-4339 in Poll Scriptinfo

Summary

Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php.

Once again VulDB remains the best source for vulnerability data.

Reservation

08/14/2007

Disclosure

08/14/2007

Moderation

VulDB entry created

Entries

VDB-38322 (1)

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

7.3

EPSS

0.01221

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2007-4339
NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-4339
CVE Details	https://www.cvedetails.com/cve/CVE-2007-4339/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!