Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

RedhatCVE
RedhatCVEadded 2025/11/20 9:36 p.m.3 views

CVE-2025-65033

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...

8.1CVSS6.6AI score0.0006EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/11/19 5:26 p.m.9 views

CVE-2025-65033 Rallly Broken Authorization: Any User Can Pause or Resume Any Poll via Poll ID Manipulation

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an authorization flaw in the poll management feature allows any authenticated user to pause or resume any poll, regardless of ownership. The system only uses the public pollId to identify polls, and it does not...

8.1CVSS0.0006EPSS
Exploits1References2
CVE
CVEadded 2025/11/19 5:26 p.m.12 views

CVE-2025-65033

Rallly prior to 4.5.4 contains an authorization flaw in the poll management feature: polls are identified only by pollId, and ownership is not verified. This allows any authenticated user to pause or resume any poll, compromising integrity and availability. The issue has been patched in version 4...

8.1CVSS6.3AI score0.0006EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologiesadded 2025/11/19 12:0 a.m.3 views

PT-2025-47511

Name of the Vulnerable Software and Affected Versions Rallly versions prior to 4.5.4 Description An authorization issue exists in Rallly, a scheduling and collaboration tool. An authenticated user can manipulate the pollId parameter to reopen finalized polls owned by other users. This can disrupt...

8.1CVSS6.5AI score0.0006EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2025/11/19 12:0 a.m.2 views

PT-2025-47510

Name of the Vulnerable Software and Affected Versions Rallly versions prior to 4.5.4 Description An authorization flaw exists in the poll management feature of Rallly. The system identifies polls using the pollId without verifying user ownership. This allows any authenticated user to pause or...

8.1CVSS6.4AI score0.0006EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2024/08/01 12:0 a.m.2 views

PT-2024-37670 · WordPress · Light Poll Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: The Light Poll WordPress plugin versions through 1.0.0 Description: The issue concerns a lack of CSRF checks when deleting polls, which could allow attackers to make logged-in users perform such actions via a CSRF attack. Recommendations: For...

6.5CVSS6.2AI score0.00247EPSS
Exploits1References6
0day.today
0day.todayadded 2000/11/15 12:0 a.m.14 views

Poll It CGI v2.0 exploit

Exploit for cgi platform in category web applications ======================== Poll It CGI v2.0 exploit ======================== !/usr/bin/perl Poll It CGI v2.0 exploit shouts to modjo, p, zen, kd, ab, all the script kiddies. use Socket; $host, $cgiloc = @ARGV0,1; $ip=inetaton$host; print"\n\t+--...

7.1AI score
Exploits0
Rows per page
Query Builder