CVE-2002-0588

2002-06-1104:00:00

mitre

www.cve.org

AI Score

6.7

Confidence

Low

EPSS

0.03

Percentile

91.0%

JSON

PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php.

References

online.securityfocus.com/archive/1/268231

orbit-net.net:8001/php/pvote/

www.iss.net/security_center/static/8877.php

www.securityfocus.com/bid/4540