Vulnerability Details CVE-2009-0112
Cross-site request forgery (CSRF) vulnerability in admin/agent_edit.asp in PollPro 3.0 allows remote attackers to create or modify accounts as administrators via the username, password, and name parameters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.4%
CVSS Severity
CVSS v2 Score 6.8
References
- http://marc.info/?l=bugtraq&m=123117044713213&w=2
- http://secunia.com/advisories/33319
- http://securityreason.com/securityalert/4895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47754
- http://marc.info/?l=bugtraq&m=123117044713213&w=2
- http://secunia.com/advisories/33319
- http://securityreason.com/securityalert/4895
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47754