Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote attackers to execute arbitrary SQL commands via (1) the password field to login.php, (2) the login field (aka email parameter) to login.php, (3) the password field (aka pass parameter) to the default URI under admin/, and possibly (4) the login field to the default URI under admin/. NOTE: some of these details are obtained from third party information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
2daybiz Polls Script多个SQL注入漏洞
Vulnerability Description
2daybiz Polls (即Advanced Poll)Script存在多个SQL注入漏洞,远程攻击者可通过(1)login.php的密码字段,(2)login.php的登录字段,(3)admin/下默认URI的密码字段(即pass参数),或(4)admin/下默认URI的登录字段,执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A