Description
Multiple PHP remote file inclusion vulnerabilities in Madoa Poll 1.1 allow remote attackers to execute arbitrary PHP code via the Madoa parameter to (1) index.php, (2) vote.php, and (3) admin.php.
Exploits (3)
exploitdb
WRITEUP
VERIFIED
by ilker Kandemir · textwebappsphp
https://www.exploit-db.com/exploits/30437
exploitdb
WRITEUP
VERIFIED
by ilker Kandemir · textwebappsphp
https://www.exploit-db.com/exploits/30436
exploitdb
WRITEUP
VERIFIED
by ilker Kandemir · textwebappsphp
https://www.exploit-db.com/exploits/30438
References (7)
Core 7
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25138
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37264
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37263
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/475096/100/0/threaded
Third Party Advisory mailing-list
x_refsource_vim
http://www.attrition.org/pipermail/vim/2007-July/001739.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/37262
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/2937
Scores
EPSS
0.0556
EPSS Percentile
90.3%
Details
Status
published
Products (1)
global_centre/aplomb_poll
1.1
Published
Jul 31, 2007
Tracked Since
Feb 18, 2026