Lucene search
K

1237 matches found

Cvelist
Cvelist
added 2005/12/07 11:0 a.m.19 views

CVE-2005-4051

e107 0.6174 allows remote attackers to vote multiple times for a download via repeated requests to rate.php...

6.7AI score0.01441EPSS
Exploits1References4
CVE
CVE
added 2005/12/07 11:0 a.m.50 views

CVE-2005-4051

The CVE-2005-4051 entry concerns e107 version 0.6174, where remote attackers can abuse the rating mechanism to vote multiple times for a download by issuing repeated requests to rate.php. This describes a vulnerability in the download rating feature that enables repeated submissions, but the prov...

5CVSS7.1AI score0.01441EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2005/12/05 12:0 a.m.22 views

[Full-disclosure] [scip_Advisory] e107 v0.6 rate.php manipulation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e107 v0.6 rate.php voting manipulation and forwarding vulnerability scip AG Vulnerability Advisory 11/10/2005 http://www.scip.ch I. INTRODUCTION e107 is the name of an open-source content management system cms that relies on php and sql. More...

6.5AI score
Exploits0
CVE
CVE
added 2005/11/16 9:17 p.m.45 views

CVE-2002-2163

CVE-2002-2163 affects KvPoll 1.1. The vulnerability allows remote authenticated users to vote multiple times by manipulating the already_voted cookie, including through a direct call to clear_cookies.php. The connected documents do not provide exploitation specifics beyond this cookie-based bypas...

4CVSS6.7AI score0.01193EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2005/07/05 12:0 a.m.33 views

Nabopoll survey.inc.php path Parameter Remote File Inclusion

The remote host is running nabopoll, a web-based voting / survey software for PHP and MySQL. The installed version of nabopoll allows remote attackers to control the 'path' parameter used when including PHP code in the script 'survey.inc.php'. By leveraging this flaw, an attacker is able to view...

5CVSS6.2AI score0.02268EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2005/03/15 12:0 a.m.39 views

stadtaus16.txt

----------------------------------------------------------------------------- Name: Stadtaus Voting Script Release: 1.6 Homepage: http://www.stadtaus.com/phpscripts/votingscript/ Attack: Remote file inclusion Risk: High Date: 8 March 2005 Author: Nextime...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/03/13 12:0 a.m.17 views

HolaCMS 1.2.x1.4.x Voting Module - Directory Traversal Remote File Corruption

HolaCMS 1.2.x1.4.x Voting Module - Directory Traversal Remote File Corruption source: https://www.securityfocus.com/bid/12799/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This issue is similar to the vulnerability described in BID 12789...

7.5AI score
Exploits0
Exploit DB
Exploit DB
added 2005/03/12 12:0 a.m.30 views

HolaCMS 1.2/1.4.x Voting Module - Remote File Corruption

source: https://www.securityfocus.com/bid/12789/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This is due an input validation error that allows users to submit voting data to an attacker-specified file. It has been demonstrated that the issue...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/10/21 12:0 a.m.20 views

Coppermine Photo Gallery Voting Restriction Bypass

The remote host is running Coppermine Gallery - a set of PHP scripts designed to handle galleries of pictures. This product has a vulnerability which allows a remote attacker with cookies disabled to cast multiple votes for a picture. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

5.6AI score
Exploits0References1
NVD
NVD
added 2004/08/18 4:0 a.m.19 views

CVE-2003-1045

votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter...

5CVSS6.2AI score0.0121EPSS
Exploits0References5
Cvelist
Cvelist
added 2004/06/03 4:0 a.m.28 views

CVE-2003-1045

votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter...

6.2AI score0.0121EPSS
Exploits0References5
securityvulns
securityvulns
added 2003/12/15 12:0 a.m.30 views

Получение доступа к панели администрирования в Willwin's Web Voting v.1.0

Получение доступа к панели администрирования в Willwin's Web Voting v.1.0 Название скрипта: Willwin's Web Voting Уязвимая версия: v.1.0 Сайт производителя: http://willwin.plex.ru Автор: [email protected] Дата: 13th December 2003 Пароль для получения доступа к панели управления голосованием в...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2002/04/18 12:0 a.m.41 views

[[ TH 026 Inc. ]] SA #1 - Multiple vulnerabilities in PVote 1.5

Telhack Security Advisory - 1 Name: PVote 1.5b Impact: Minor Content manipulation, Script admin Date: April 18 / 2002 Daniel Nystrm [email protected] I N F O PVote is a PHP voting system. It uses MySQL to hold all information about the system. Author has been notified of all three problems...

7.2AI score
Exploits0
exploitpack
exploitpack
added 2002/04/18 12:0 a.m.24 views

PVote 1.01.5 - Poll Content Manipulation

PVote 1.01.5 - Poll Content Manipulation source: https://www.securityfocus.com/bid/4540/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible for a remote attacker to add/delete web polls just b...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/04/18 12:0 a.m.15 views

PVote 1.01.5 - Unauthorized Administrative Password Change

PVote 1.01.5 - Unauthorized Administrative Password Change source: https://www.securityfocus.com/bid/4541/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible to change the administrative...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2002/04/18 12:0 a.m.26 views

PVote 1.0/1.5 - Unauthorized Administrative Password Change

source: https://www.securityfocus.com/bid/4541/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible to change the administrative password by submitting a malicious web request containing the...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/04/18 12:0 a.m.36 views

PVote 1.0/1.5 - Poll Content Manipulation

source: https://www.securityfocus.com/bid/4540/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible for a remote attacker to add/delete web polls just by manipulating the values of URL...

7AI score
Exploits0
Rows per page
Query Builder