Vulnerabilities > Nabocorp > Nabopoll > 1.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-03-02 | CVE-2007-1166 | SQL Injection vulnerability in Nabocorp Nabopoll 1.2 SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter. | 7.5 |
2007-02-12 | CVE-2007-0873 | Authentication Bypass vulnerability in Nabocorp Nabopoll 1.1/1.2 nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/. | 7.5 |
2005-07-06 | CVE-2005-2157 | Remote Security vulnerability in Nabocorp Nabopoll 1.2 PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter. | 5.0 |