Vulnerability Description
Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Advanced Poll | Advanced Poll | 2.0.0 |
References
- http://secunia.com/advisories/10068PatchVendor Advisory
- http://www.osvdb.org/28988
- http://www.osvdb.org/3291
- http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txtExploit
- http://www.securityfocus.com/archive/1/342493Exploit
- http://www.securityfocus.com/archive/1/440780/100/0/threaded
- http://www.securityfocus.com/bid/19105
- http://www.securityfocus.com/bid/8890
- http://www.solpotcrew.org/adv/solpot-adv-02.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13514
- http://secunia.com/advisories/10068PatchVendor Advisory
- http://www.osvdb.org/28988
- http://www.osvdb.org/3291
- http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txtExploit
- http://www.securityfocus.com/archive/1/342493Exploit
FAQ
What is CVE-2003-1179?
CVE-2003-1179 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ss...
How severe is CVE-2003-1179?
CVE-2003-1179 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-1179?
Check the references section above for vendor advisories and patch information. Affected products include: Advanced Poll Advanced Poll.