Описание
admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote attackers to bypass authentication and gain administrator privileges by obtaining a valid session identifier and setting the uid parameter to 1.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:advanced_poll:advanced_poll:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:advanced_poll:advanced_poll:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:advanced_poll:advanced_poll:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:advanced_poll:advanced_poll:2.0.5:*:dev:*:*:*:*:*
EPSS
Процентиль: 91%
0.06148
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote attackers to bypass authentication and gain administrator privileges by obtaining a valid session identifier and setting the uid parameter to 1.
EPSS
Процентиль: 91%
0.06148
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other