CVE-2010-2003

Name of the Vulnerable Software and Affected Versions Advanced Poll version 2.08

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the mysql host parameter in the "misc/get admin.php" file.

Recommendations For Advanced Poll version 2.08, consider restricting access to the misc/get admin.php file until a patch is available, and avoid using the mysql host parameter in this context to minimize the risk of exploitation.