On Monday 20 August 2007 23:10:22 Coopercentral@gmail.com wrote: > HI: > > I am the creator of this poll script, and would like to do whatever > possible to make this NOT vulnerable. =C2=A0Thanks for finding this, and = hope I > can help. I guess, if "register_globals" option is off (it's off by default since php= 4),=20 this exploit will fail and not work.. Please make sure that you disabled "register_globals" option in your php.in= i=20 who uses this script and who uses php.