152 matches found
CVE-2024-45987
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery CSRF via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent ...
Upgraded Q -> 2 from #549 [1704652745528]
Judge has assessed an item in Issue 549 as 2 risk. The relevant finding follows: L-02 The first piece created can pass quorumVotes without any votes if totalSupply of ERC20 votes is zero --- The text was updated successfully, but these errors were encountered: All reactions...
CVE-2023-4642
The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition...
Race condition
The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition...
PT-2023-30018 · WordPress · Kk Star Ratings
Name of the Vulnerable Software and Affected Versions: kk Star Ratings WordPress plugin versions prior to 5.4.6 Description: The issue allows a user to vote multiple times on a poll due to a Race Condition, as the plugin does not implement atomic operations. Recommendations: For versions prior to...
CVE-2023-6109
The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to on...
CVE-2023-6109
The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to on...
Race condition
The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to on...
CVE-2023-6109 YOP Poll <= 6.5.26 - Race Condition to Vote Manipulation
The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to on...
CVE-2023-6109 YOP Poll <= 6.5.26 - Race Condition to Vote Manipulation
The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This is due to improper restrictions on the add function. This makes it possible for unauthenticated attackers to place multiple votes on a single poll even when the poll is set to on...
PT-2023-32522 · WordPress · Yop Poll
Name of the Vulnerable Software and Affected Versions: YOP Poll plugin for WordPress versions up to, and including, 6.5.26 Description: The issue is due to a race condition caused by improper restrictions on the add function. This allows unauthenticated attackers to place multiple votes on a sing...
CVE-2023-43814 Exposure of poll options and votes to unauthorized users in Discourse
Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the /polls/groupedpollresults endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where t...
Same multiple delegate values result in wrong calculation of delegated votes
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. If by mistake same delegate value is given multiple times to targets array then delegation of votes is wrongly calculated. Proof of Concept Provide direct links to all referenced code in GitHub. Add...
Assumptions are currently made that prices would forever be positive
Lines of code Vulnerability details Impact Neglecting the potential for negative asset prices can lead to inaccurate value representation in the Liquidity Pool, possibly affecting calculations related to assets and tokens. It's crucial to note that the value of an asset, even if negative in the...
The quorum calculation in the _quorumReached() function is inconsistent and could allow abstain votes to prevent a proposal from reaching quorum even if most participating voters are in favor
Lines of code Vulnerability details Impact This allows abstain voters to effectively veto a proposal, even if most participating voters approve it. Proof of Concept The quorum numerator and denominator are inconsistent. The quorum uses totalVotes for the denominator which includes abstains. But t...
setFullWeightDuration() can be called while a member election is ongoing
Lines of code Vulnerability details Bug Description In SecurityCouncilMemberElectionGovernorCountingUpgradeable, fullWeightDuration which is the duration where a user's votes has weight 1 can be set using setFullWeightDuration: SecurityCouncilMemberElectionGovernorCountingUpgradeable.solL77-L84...
Stealing or reusing votes
Lines of code Vulnerability details Impact It is possible to reuse/steal user's votes if they are supposed to cast vote by signature. Proof of Concept Casting votes during nominee election and member election is possible by calling the functions: castVoteWithReasonAndParams...
getPastCirculatingSupply() returns the ARB token supply instead of circulating votes supply
Lines of code Vulnerability details Bug Description In ArbitrumGovernorVotesQuorumFractionUpgradeable, the getPastCirculatingSupply function is used when calculating quorum for proposals: ArbitrumGovernorVotesQuorumFractionUpgradeable.solL31-L35 /// @notice Get "circulating" votes supply; i.e.,...
add_gauge doesn't initialize time_weight and update time_sum
Lines of code Vulnerability details Impact In Curve's implementation, when adding gauge, timeweight of gauge type is being initialized and timesum being updated. if self.timesumgaugetype == 0: self.timesumgaugetype = nexttime self.timeweightaddr = nexttime Since timesum has been set in constructo...
Voting can fail in early stage of voting in case of voter's voting power increase .
Lines of code Vulnerability details Impact Voting may fail in early stage of voting in case of voter's voting power increase . Proof of Concept In CoreVoting.sol , in terms of voting again the logic in vote function looks like this : // if a user has already voted, undo their previous vote. //...