Cgi-World: Security Vulnerabilities
pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter.
CVSS Score
10.0
EPSS Score
0.023
Published
2000-12-11
pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters.
CVSS Score
6.4
EPSS Score
0.032
Published
2000-12-11
pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information.
CVSS Score
5.0
EPSS Score
0.006
Published
2000-12-11
Poll It 2.0 CGI script allows remote attackers to read arbitrary files by specifying the file name in the data_dir parameter.
CVSS Score
7.5
EPSS Score
0.073
Published
2000-07-04