CVE-2018-5988

Name of the Vulnerable Software and Affected Versions: Flexible Poll version 1.2

Description: A SQL Injection issue exists, allowing exploitation via the id parameter to "mobile preview.php" or "index.php" API endpoints.

Recommendations: For Flexible Poll version 1.2, avoid using the id parameter in the affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to "mobile preview.php" and "index.php" to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.