pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Poll_it | Cgi-world | 2.0 (including) | 2.0 (including) |
| Poll_it | Cgi-world | 2.01 (including) | 2.01 (including) |
| Poll_it_pro | Cgi-world | 1.6 (including) | 1.6 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=97236719315352\u0026w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5794
- http://marc.info/?l=bugtraq\u0026m=97236719315352\u0026w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5794