Vulnerabilities > CVE-2006-7003 - Remote Security vulnerability in Fusion Polls

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

fusionphp

NVD

Published: 2007-02-12

Updated: 2008-09-05

Summary

PHP remote file inclusion vulnerability in admin/index.php in Fusion Polls allows remote attackers to execute arbitrary PHP code via a URL in the xtrphome parameter.

Vulnerable Configurations

Part	Description	Count
Application	Fusionphp Fusionphp Fusion Polls *	1

References

http://www.securityfocus.com/archive/1/437127/30/4380/threaded
http://www.securityfocus.com/archive/1/441493/30/4380/threaded