Ez Poll Hoster
Approved changes feed: RSS · Atom
cpe:2.3:a:scriptsez:ez_poll_hoster:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Scriptsez (05034717-856a-564a-ae0e-e36766934ccf) |
|---|---|
| Product | Ez Poll Hoster (d12afc6b-9b0f-5471-9aa6-67dbf397f70b) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2009-4385 |
vulnerable | 2026-06-03 14:29:57.535347 |
Details available
Multiple cross-site request forgery (CSRF) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote attackers to (1) hijack the authentication of arbitrary users for requests that delete polls via the delete_poll action to index.php; and hijack the authentication of administrators for requests that (2) delete users via the manage action to admin.php, or (3) send arbitrary email to arbitrary users in the email action to admin.php.
Published: 2009-12-22T23:00:00.000Z
Updated: 2024-08-07T07:01:20.076Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2009-4384 |
vulnerable | 2026-06-03 14:29:57.534952 |
Details available
Multiple cross-site scripting (XSS) vulnerabilities in Scriptsez.net Ez Poll Hoster (EPH) allow remote attackers to inject arbitrary web script or HTML via the (1) pid parameter in a code action to index.php and the (2) uid parameter in a view action to profile.php.
Published: 2009-12-22T23:00:00.000Z
Updated: 2024-08-07T07:01:20.523Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.