Filtered by vendor Mr-corner Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-6768 1 Mr-corner 1 Amazing Little Poll 2024-09-16 9.4 Critical
Authentication bypass vulnerability in Amazing Little Poll affecting versions 1.3 and 1.4. This vulnerability could allow an unauthenticated user to access the admin panel without providing any credentials by simply accessing the "lp_admin.php?adminstep=" parameter.
CVE-2023-6769 1 Mr-corner 1 Amazing Little Poll 2024-08-02 6.5 Medium
Stored XSS vulnerability in Amazing Little Poll, affecting versions 1.3 and 1.4. This vulnerability allows a remote attacker to store a malicious JavaScript payload in the "lp_admin.php" file in the "question" and "item" parameters. This vulnerability could lead to malicious JavaScript execution while the page is loading.