Vulnerabilities (CVE)

Filtered by vendor Synthetic Reality Subscribe
Filtered by product Sympoll
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2003-1175 1 Synthetic Reality 1 Sympoll 2024-02-28 6.8 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter.
CVE-2002-1430 1 Synthetic Reality 1 Sympoll 2024-02-28 5.0 MEDIUM N/A
Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.