|
Description
|
|
A vulnerability has been identified in DSPoll, which may be exploited by remote attackers to execute arbitrary SQL commands. This flaw is due to input validation errors in the "include/results.php", "include/topolls.php" and "include/pollit.php" scripts that do not validate the "pollid" parameter before being used in SQL statements, which could be exploited by malicious people to conduct SQL injection attacks.
|
