CVE-2007-4339

Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the _SERVER[DOCUMENT_ROOT] parameter in (1) poll.php and (2) pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable extraction error in functions.php.
Configurations

Configuration 1

cpe:2.3:a:phpcentral:poll_script:1.0:*:*:*:*:*:*:*

Information

Published : 2007-08-14 06:17

Updated : 2018-10-15 09:34


NVD link : CVE-2007-4339

Mitre link : CVE-2007-4339

Products Affected
No products.
CWE