CVE-2007-0504

Name of the Vulnerable Software and Affected Versions Vote! Pro version 4.0

Description The issue allows remote attackers to execute arbitrary code via the poll id parameter, which is supplied to an eval function call. This is due to an eval injection vulnerability in the poll frame.php script.

Recommendations For Vote! Pro version 4.0, avoid using the poll id parameter in the affected script until the issue is resolved. As a temporary workaround, consider restricting access to the poll frame.php script to minimize the risk of exploitation.