vendor:
Polls Script
by:
Easy Laster
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Polls Script
Affected Version From: Not mentioned
Affected Version To: Not mentioned
Patch Exists: NO
Related CWE:
CPE:
Platforms Tested:
Not mentioned
2daybiz Polls Script SQL Injection
The vulnerability exists in the searchvote.php script of the 2daybiz Polls Script. An attacker can exploit this vulnerability by injecting malicious SQL queries through the 'category' parameter. This can lead to unauthorized access, data manipulation, or data leakage.
Mitigation:
To mitigate this vulnerability, it is recommended to sanitize user input and use prepared statements or parameterized queries to prevent SQL injection attacks. Additionally, keeping the script up to date with the latest security patches is advised.
