Do You Know About The CJ Dynamic Poll Pro Vulnerability?

Voting can be lots of fun because the results are always based on the same concept, which is, the majority rules. Voting and polls are an excellent way to see what the majority likes or dislikes about a certain product. If you have a web site and have a poll on, then you have contributed to making your website fun and interactive. A wonderful program, that offers polling services, called CJ Dynamic Poll Pro was sadly found to have a vulnerability.

CJ Dynamic Poll Pro is a very exciting and easy to use poll. There is a free version available as a demo so you can experience the wonderful benefits of the poll. Although the best option is really to buy the full proper versions which contains additional features. It does not matter what browser you are using, your website should function with the poll regardless. It does not matter if you are using the Opera browser or Mozilla Firefox 2. Some of the files of Opera include the following: op.com, opera_exe_file_id as well as opera.exe. Some of the files of Mozilla Firefox 2 may include: nsBrowserGlue.js, nsSearchSuggestions.js, FeedWriter.js, nsUrlClassifierTable.js as well as nsURLFormatter.js.

Table 1.  Features Of The Full Demo Version

Here is another import poll question, although the readers won't answer it, I as the writer shall be doing the honors. The question is: Why did this vulnerability occur? The reason is that the input which is passed over from the URL directly to the admin/admin_index.php, has not been adequately changed prior to being returned to the user. This runs the risk of being exploited by malicious online attackers in order to execute arbitrary HTML code as well as script code. This occurs within a user's browser session in the context of having visited a site which is affected.

If malicious characters are able to successfully exploit these vulnerabilities then the possibilities are very high that cross site scripting attacks may take place. This vulnerability has been confirmed as well as reported in the CJ Dynamic Poll Pro version 2.0. All users need to also be aware of the factor that the risks are high that other versions are affected by this vulnerability as well.

If you would like to know the solution for this vulnerability, I will tell you. The solution for this vulnerability is for users to edit the source code in order to ensure that the input is correctly modified. I wish you all the best of luck and would like to leave you with a quote in conclusion:"The remarkable social impact and economic success of the Internet is in many ways directly attributable to the architectural characteristics that were part of its design. The Internet was designed with no gatekeepers over new content or services."-Vinton Cerf