Vulnerabilities > CVE-2002-0588 - Unspecified vulnerability in Steve Korbett Pvote

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

low complexity

steve-korbett

exploit available

NVD

Published: 2002-06-18

Updated: 2008-09-05

Summary

PVote before 1.9 does not authenticate users for restricted operations, which allows remote attackers to add or delete polls by modifying parameters to (1) add.php or (2) del.php.

Vulnerable Configurations

Part	Description	Count
Application	Steve_Korbett Steve Korbett Pvote 1.0 Steve Korbett Pvote 1.0A Steve Korbett Pvote 1.0B Steve Korbett Pvote 1.5	4

Exploit-Db

description	PVote 1.0/1.5 Poll Content Manipulation Vulnerability. CVE-2002-0588. Webapps exploit for php platform
id	EDB-ID:21391
last seen	2016-02-02
modified	2002-04-18
published	2002-04-18
reporter	Daniel NystrÃ¶m
source	https://www.exploit-db.com/download/21391/
title	PVote 1.0/1.5 Poll Content Manipulation Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References