Aggregates CVE and security vulnerability intelligence across all nabocorp-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk sql injection and related problems; some flaws may lead to vendor impact data exposure, affecting vendor surface production workloads and vendor surface software deployment scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2007-1166 | SQL injection vulnerability in result.php in Nabopoll 1.2 allows remote attackers to execute arbitrary SQL commands via the surv parameter. | [email protected] | 7.5 | 1.54% | 2007-03-02 | 2026-04-23 |
| CVE-2007-0873 | nabopoll 1.1.2 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for (1) config_edit.php, (2) template_edit.php, or (3) survey_edit.php in admin/. | [email protected] | 7.5 | 16.98% | 2007-02-12 | 2026-04-23 |
| CVE-2005-2157 | PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter. | [email protected] | 5.0 | 1.43% | 2005-07-06 | 2026-04-16 |