CVE-2006-1217

Publication date

2006-03-14 02:00:00

Family

mitre

State

PUBLISHED

Description

SQL injection vulnerability in DSPoll 1.1 allows remote attackers to execute arbitrary SQL commands via the pollid parameter to (1) results.php, (2) topolls.php, (3) pollit.php.