GCVE - cpe:2.3:a:advanced_poll:advanced

Approved changes feed: RSS · Atom

cpe:2.3:a:advanced_poll:advanced_poll:2.0.2:*:*:*:*:*:*:*

part: a version: 2.0.2 update: *

Vendor	Advanced Poll (`8d514518-ac55-5e50-b878-76710bba2b4f`)
Product	Advanced Poll (`645e7f1a-1197-5c43-a87c-01a08a6e327b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2007-0845`	vulnerable	2026-06-08 04:49:33.476759	Details available admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote attackers to bypass authentication and gain administrator privileges by obtaining a valid session identifier and setting the uid parameter to 1. Published: 2007-02-08T18:00:00.000Z Updated: 2024-08-07T12:34:21.287Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/32337 http://www.securityfocus.com/bid/22451 https://www.exploit-db.com/exploits/3282 http://osvdb.org/35847	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1617`	vulnerable	2026-06-08 04:48:57.650267	Details available Multiple cross-site scripting (XSS) vulnerabilities in Advanced Poll 2.02 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to comments.php or (2) poll_id parameter to page.php. NOTE: it is possible that this issue is resultant from CVE-2006-1616. Published: 2006-04-05T10:00:00.000Z Updated: 2024-08-07T17:19:48.668Z Open on db.gcve.eu Reference links http://ns79.hosteur.com/~secuti/advancedpoll.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/25677	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-1616`	vulnerable	2026-06-08 04:48:57.649911	Details available Multiple SQL injection vulnerabilities in Advanced Poll 2.02 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to comments.php or (2) poll_id parameter to page.php. Published: 2006-04-05T10:00:00.000Z Updated: 2024-08-07T17:19:49.373Z Open on db.gcve.eu Reference links http://ns79.hosteur.com/~secuti/advancedpoll.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/25676	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-3742`	vulnerable	2026-06-08 04:48:41.953255	Details available Cross-site scripting (XSS) vulnerability in popup.php in Advanced Poll 2.0.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the poll_ident parameter. Published: 2005-11-22T11:00:00.000Z Updated: 2024-08-07T23:24:35.472Z Open on db.gcve.eu Reference links http://secunia.com/advisories/17669 http://securitytracker.com/id?1015245 http://www.securityfocus.com/bid/15506 http://www.osvdb.org/21006 http://www.vupen.com/english/advisories/2005/2524	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-1181`	vulnerable	2026-06-08 04:47:23.591335	Details available Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T02:19:46.027Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/342493 http://www.osvdb.org/3292 http://archives.neohapsis.com/archives/vulnwatch/2003-q4/0019.html https://exchange.xforce.ibmcloud.com/vulnerabilities/13515 http://www.securityfocus.com/bid/8890	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-1180`	vulnerable	2026-06-08 04:47:23.591032	Details available Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the base_path or pollvars[lang] parameters to the admin files (1) index.php, (2) admin_tpl_new.php, (3) admin_tpl_misc_new.php, (4) admin_templates_misc.php, (5) admin_templates.php, (6) admin_stats.php, (7) admin_settings.php, (8) admin_preview.php, (9) admin_password.php, (10) admin_logout.php, (11) admin_license.php, (12) admin_help.php, (13) admin_embed.php, (14) admin_edit.php, or (15) admin_comment.php. Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T02:19:45.983Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/342493 http://www.securityfocus.com/bid/8890 https://exchange.xforce.ibmcloud.com/vulnerabilities/13514 http://secunia.com/advisories/10068 http://www.osvdb.org/3291	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-1179`	vulnerable	2026-06-08 04:47:23.590673	Details available Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T02:19:45.951Z Open on db.gcve.eu Reference links http://www.securityfocus.com/archive/1/342493 http://www.securityfocus.com/archive/1/440780/100/0/threaded http://www.securityfocus.com/bid/19105 http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txt http://www.solpotcrew.org/adv/solpot-adv-02.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2003-1178`	vulnerable	2026-06-08 04:47:23.589924	Details available Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. Published: 2005-05-10T04:00:00.000Z Updated: 2024-08-08T02:19:45.668Z Open on db.gcve.eu Reference links http://www.osvdb.org/2743 http://www.securityfocus.com/archive/1/342493 https://exchange.xforce.ibmcloud.com/vulnerabilities/29396 http://www.securityfocus.com/bid/8890 http://www.securityfocus.com/archive/1/448007/100/0/threaded	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Advanced Poll

PURL mappings

Vulnerability references

Contribute