31 matches found
EUVD-2008-7050
Malware in sbrugna...
EUVD-2008-0575
Malware in sbrugna...
EUVD-2009-4646
Malware in sbrugna...
EUVD-2025-28726
Malicious code in bioql PyPI...
CVE-2025-6352 code-projects Automated Voting System Backend vote.php direct request
A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been...
CVE-2025-6352
CVE-2025-6352 affects code-projects Automated Voting System 1.0, Backend vote.php. The vulnerability involves an unknown function in /vote.php enabling direct request manipulation that can be triggered remotely, with exploitation disclosed publicly. Multiple connected sources corroborate a remote...
CVE-2025-6352 code-projects Automated Voting System Backend vote.php direct request
A vulnerability classified as problematic has been found in code-projects Automated Voting System 1.0. Affected is an unknown function of the file /vote.php of the component Backend. The manipulation leads to direct request. It is possible to launch the attack remotely. The exploit has been...
PT-2025-26443 · Unknown · Automated Voting System
Name of the Vulnerable Software and Affected Versions: code-projects Automated Voting System version 1.0 Description: A problematic vulnerability has been found in the Automated Voting System. It affects an unknown function of the file /vote.php in the Backend component. The manipulation leads to...
qibocms v7 /vote.php SQL注入漏洞
No description provided by source...
Finalist - vote.php id Parameter SQL Injection
The finalist WordPress plugin was affected by a vote.php id Parameter SQL Injection security vulnerability...
Sql injection
Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the 1 answerid or 2 questionid parameter to polls/vote.php, 3 storyid parameter to comments/add.php or 4 comments/edit.php, or 5 threadid parameter to posts/add.php. NOTE: this issue...
CVE-2013-5640
Summary: CVE-2013-5640 (and related CVE-2013-7349) affect the Gnew 2013.1 application, with multiple SQL injection vectors. The vulnerabilities allow remote attackers to inject SQL via parameters in polls/vote.php (answer_id, question_id), comments/add.php (story_id) and comments/edit.php, or pos...
CVE-2013-7219
CVE-2013-7219 affects the Joomla! Sexy Polling extension (com_sexypolling) by 2GLux. The vulnerability is an SQL injection in vote.php caused by insufficient validation of the POST parameter answer_id[]. This allows remote attackers to execute arbitrary SQL commands against the application's data...
cmstop /apps/vote/controller/vote.php SQL注入漏洞
No description provided by source...
EASETHINK 1.4 /vote.php SQL注入漏洞
易想团购是国内一款流行的团购管理系统软件,其v1.4版本/vote.php文件代码第33行,遍历$REQUEST'name'数组,将数组键赋值给$voteaskid变量,代码第40行,将$voteaskid变量拼接SQL语句,并带入数据库查询,这个过程中并未将$voteaskid变量过滤,导致SQL注入漏洞产生。 EASETHINK 1.4...
Easy to want to buy the system to the latest version through the kill vulnerability-vulnerability warning-the black bar safety net
Vulnerability in the vote. php file In require './ system/common.php'; require './ app/Lib/appinit.php'; require './ app/Lib/message.php'; require './ app/Lib/side.php'; if$REQUEST'act'=='dovote' $ok = false; foreach$REQUEST'name' as $voteaskid=$names //if in command-line mode operation, will not...
PHP168 V6.02 vote.php 跨站漏洞
No description provided by source...
Social Share 2010-06-05 HTTP Response Splitting
www.eVuln.com advisory: HTTP Response Splitting in Social Share Summary: http://evuln.com/vulns/168/summary.html Details: http://evuln.com/vulns/168/description.html -----------Summary----------- eVuln ID: EV0168 Software: Social Share Vendor: n/a Version: 2010-06-05 Critical Level: low Type: HTT...
PHP168 V6.02 vote.php存在跨站漏洞
PHP168整站是PHP领域当前功能最强大的建站系统,代码全部开源,可极其方便的进行二次开发,所有功能模块可以自由安装与删除,个人用户完全免费使 用。 跨站demo: http://v6.php168.com/do/vote.php?job=show&cid=%22%3E%3Ciframe%20src=http://www.zhuba.net%3E PHP168 V6.02 等待补丁 /do/vote.php?job=show&cid=%22%3E%3Ciframe%20src=http://www.zhuba.net%3E...
Directory traversal
Directory traversal vulnerability in vote.php in Good/Bad Vote allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the id parameter in a dovote action. NOTE: some of these details are obtained from third party information...