PT-2006-4549 · Flipper · Flipper Poll

Spc-X

Published

2006-07-18

Updated

2018-10-18

CVE-2006-3683

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Flipper Poll versions 1.1 and earlier

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the root path parameter in the poll.php file.

Recommendations For Flipper Poll versions 1.1 and earlier, consider restricting access to the poll.php file until a patch is available. As a temporary workaround, avoid using the root path parameter in the poll.php file to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-3683

Affected Products

Flipper Poll

PT-2006-4549 · Flipper · Flipper Poll

CVE-2006-3683

Related Identifiers

Affected Products

References · 11