9 matches found
EUVD-2009-4709
Malware in sbrugna...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a polldefault login action...
CVE-2009-4746
Cross-site scripting XSS vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a polldefault login action...
CVE-2009-4745
Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 sortField, 2 sortDesc, or 3 pageNumber parameter in a login action...
CVE-2009-4745
Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the 1 sortField, 2 sortDesc, or 3 pageNumber parameter in a login action...
CVE-2009-4746
Cross-site scripting XSS vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a polldefault login action...
CVE-2009-4746
The CVE describes a Cross-site Scripting (XSS) vulnerability in Dreamlevels DreamPoll 3.1. Specifically, index.php is vulnerable via the recordsPerPage parameter in a poll_default login action, allowing remote attackers to inject arbitrary web script/HTML. Affected software: Dreamlevels DreamPoll...
CVE-2009-4745
Dreamlevels DreamPoll 3.1 is affected by multiple SQL injection vulnerabilities in index.php. The issue allows an attacker to inject via the login action using one of three parameters: sortField, sortDesc, or pageNumber, enabling arbitrary SQL execution. The CVE entry is tracked with a base metri...
CVE-2005-4254
SQL injection vulnerability in viewResults.php in DreamLevels DreamPoll 3.0 final allows remote attackers to execute arbitrary SQL commands via the id parameter...