CVE-2007-2064

Robert Ladstaetter ActionPoll 1.1.0-1.1.1 - RCE

Title source: llm

Description

Multiple PHP remote file inclusion vulnerabilities in Robert Ladstaetter ActionPoll 1.1.0, and possibly 1.1.1, allow remote attackers to execute arbitrary PHP code via a URL in (1) the CONFIG_POLLDB parameter to actionpoll.php or (2) the CONFIG_DB parameter to db/DataReaderWriter.php, different vectors than CVE-2001-1297.

Exploits (2)

exploitdb WORKING POC VERIFIED
by SekoMirza · text · webapps · php
https://www.exploit-db.com/exploits/29863
exploitdb WRITEUP VERIFIED
by Cyber Security · text · webapps · php
https://www.exploit-db.com/exploits/28871

References (5)

Core References
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/2587
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/465871/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/23504
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33691
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20788

Scores

EPSS 0.0288
EPSS Percentile 86.4%

Details

Status published
Products (2)
actionpoll/actionpoll 1.1.0
actionpoll/actionpoll 1.1.1
Published Apr 18, 2007
Tracked Since Feb 18, 2026