CVE-2007-4101

Name of the Vulnerable Software and Affected Versions Madoa Poll version 1.1

Description The issue allows remote attackers to execute arbitrary PHP code. This is achieved through multiple PHP remote file inclusion vulnerabilities. The vulnerable API endpoints are "index.php", "vote.php", and "admin.php", which are accessible via the Madoa parameter.

Recommendations For Madoa Poll version 1.1, consider disabling the Madoa parameter in the affected API endpoints "index.php", "vote.php", and "admin.php" as a temporary workaround until a patch is available. Restrict access to these endpoints to minimize the risk of exploitation.