Description
Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Michael Frame · textwebappsphp
https://www.exploit-db.com/exploits/23330
References (5)
Core 5
Core References
Exploit x_refsource_confirm
http://sourceforge.net/tracker/index.php?func=detail&aid=834374&group_id=64442&atid=507493
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/2790
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/13630
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/10165
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/8956
Scores
EPSS
0.0076
EPSS Percentile
73.6%
Details
Status
published
Products (1)
synthetic_reality/sympoll
1.5
Published
Dec 31, 2003
Tracked Since
Feb 18, 2026