CVE-2007-0874

Name of the Vulnerable Software and Affected Versions: Allons voter version 1.0

Description: The issue allows remote attackers to bypass authentication and access certain administrative functionality. This can be achieved via a direct request for "admin ajouter.php" or "admin supprimer.php" API endpoints. It is noted that this could potentially be leveraged to conduct cross-site scripting (XSS) attacks.

Recommendations: For Allons voter version 1.0, as a temporary workaround, consider restricting access to the "admin ajouter.php" and "admin supprimer.php" API endpoints until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.