Vulnerabilities > Dreamlevels

DATE	CVE	VULNERABILITY TITLE	RISK
2010-03-26	CVE-2009-4746	Cross-Site Scripting vulnerability in Dreamlevels Dreampoll 3.1 Cross-site scripting (XSS) vulnerability in index.php in Dreamlevels DreamPoll 3.1 allows remote attackers to inject arbitrary web script or HTML via the recordsPerPage parameter in a poll_default login action. network dreamlevels CWE-79	4.3
2010-03-26	CVE-2009-4745	SQL Injection vulnerability in Dreamlevels Dreampoll 3.1 Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action. network low complexity dreamlevels CWE-89	7.5
2008-07-16	CVE-2008-3189	SQL Injection vulnerability in Dreamlevels Dreamnews Manager SQL injection vulnerability in dreamnews-rss.php in DreamNews Manager allows remote attackers to execute arbitrary SQL commands via the id parameter. network low complexity dreamlevels CWE-89	7.5
2008-07-10	CVE-2008-3119	SQL Injection vulnerability in Dreamlevels Dream Pics Builder SQL injection vulnerability in index.php in DreamPics Builder allows remote attackers to execute arbitrary SQL commands via the page parameter. network low complexity dreamlevels CWE-89	7.5
2005-12-15	CVE-2005-4254	SQL Injection vulnerability in Dreamlevels Dream Poll 3.0Final SQL injection vulnerability in view_Results.php in DreamLevels DreamPoll 3.0 final allows remote attackers to execute arbitrary SQL commands via the id parameter. network low complexity dreamlevels	7.5

Vulnerabilities > Dreamlevels {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Dreamlevels"}]}

Vulnerabilities > Dreamlevels