Nabocorp: >> Nabopoll >> 1.2 Security Vulnerabilities
SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter.
CVSS Score
7.5
EPSS Score
0.009
Published
2007-03-02
nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/.
CVSS Score
7.5
EPSS Score
0.089
Published
2007-02-12
PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter.
CVSS Score
5.0
EPSS Score
0.014
Published
2005-07-06