Dreamlevels: >> Dreampoll Security Vulnerabilities
Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action.
CVSS Score
7.5
EPSS Score
0.001
Published
2010-03-26
Cross-site scripting (XSS) vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a poll_default login action.
CVSS Score
4.3
EPSS Score
0.002
Published
2010-03-26