CVE-2003-1179 Information

Description

Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php (2) png.php (3) poll_ssi.php or (4) popup.php the (5) base_path parameter to common.inc.php.

Reference

http://secunia.com/advisories/10068 http://www.osvdb.org/28988 http://www.osvdb.org/3291 http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txt http://www.securityfocus.com/archive/1/342493 http://www.securityfocus.com/archive/1/440780/100/0/threaded http://www.securityfocus.com/bid/19105 http://www.securityfocus.com/bid/8890 http://www.solpotcrew.org/adv/solpot-adv-02.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/13514