CVE-2006-1616 - OpenCVE

Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to comments.php or (2) poll_id parameter to page.php.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Advanced Poll	Advanced Poll

Configuration 1 [-]

cpe:2.3:a:advanced_poll:advanced_poll:2.0.2:*:*:*:*:*:*:*

References

Link	Resource
http://ns79.hosteur.com/~secuti/advancedpoll.txt	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/25676

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2006-04-05T10:00:00

Updated: 2017-07-19T15:57:01

Reserved: 2006-04-05T00:00:00

Link: CVE-2006-1616

JSON object: View

NVD Information

Status : Modified

Published: 2006-04-05T10:04:00.000

Modified: 2017-07-20T01:30:45.240

Link: CVE-2006-1616

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-Other