Mr-Corner: >> Amazing Little Poll >> 1.3 Security Vulnerabilities
Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lp_admin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading.
CVSS Score
6.5
EPSS Score
0.002
Published
2023-12-20
Authentication bypass vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This vulnerability could allow an unauthenticated user to access the admin panel without providing any credentials by simply accessing the "lp_admin.php?adminstep=" parameter.
CVSS Score
9.4
EPSS Score
0.001
Published
2023-12-20