Advanced Poll 2.0 - Remote Information Disclosure

Author: subj
type: webapps
platform: php
port: 
date_added: 2003-03-22  
date_updated: 2012-11-02  
verified: 1  
codes: CVE-2003-1181;OSVDB-3292  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22412.txt  

source: https://www.securityfocus.com/bid/7171/info

It has been reported that an information disclosure vulnerability exists in Advanced Poll. Because of this, a remote user to potentially access privileged information that could lead to further attack against the host and it's users.

http://www.example.com/[poll_dir]/db/info.php
http://www.example.com/[poll_dir]/textfile/info.php