1237 matches found
CVE-2005-4051
e107 0.6174 allows remote attackers to vote multiple times for a download via repeated requests to rate.php...
CVE-2005-4051
The CVE-2005-4051 entry concerns e107 version 0.6174, where remote attackers can abuse the rating mechanism to vote multiple times for a download by issuing repeated requests to rate.php. This describes a vulnerability in the download rating feature that enables repeated submissions, but the prov...
[Full-disclosure] [scip_Advisory] e107 v0.6 rate.php manipulation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 e107 v0.6 rate.php voting manipulation and forwarding vulnerability scip AG Vulnerability Advisory 11/10/2005 http://www.scip.ch I. INTRODUCTION e107 is the name of an open-source content management system cms that relies on php and sql. More...
CVE-2002-2163
CVE-2002-2163 affects KvPoll 1.1. The vulnerability allows remote authenticated users to vote multiple times by manipulating the already_voted cookie, including through a direct call to clear_cookies.php. The connected documents do not provide exploitation specifics beyond this cookie-based bypas...
Nabopoll survey.inc.php path Parameter Remote File Inclusion
The remote host is running nabopoll, a web-based voting / survey software for PHP and MySQL. The installed version of nabopoll allows remote attackers to control the 'path' parameter used when including PHP code in the script 'survey.inc.php'. By leveraging this flaw, an attacker is able to view...
stadtaus16.txt
----------------------------------------------------------------------------- Name: Stadtaus Voting Script Release: 1.6 Homepage: http://www.stadtaus.com/phpscripts/votingscript/ Attack: Remote file inclusion Risk: High Date: 8 March 2005 Author: Nextime...
HolaCMS 1.2.x1.4.x Voting Module - Directory Traversal Remote File Corruption
HolaCMS 1.2.x1.4.x Voting Module - Directory Traversal Remote File Corruption source: https://www.securityfocus.com/bid/12799/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This issue is similar to the vulnerability described in BID 12789...
HolaCMS 1.2/1.4.x Voting Module - Remote File Corruption
source: https://www.securityfocus.com/bid/12789/info HolaCMS is prone to a vulnerability that may allow remote users to corrupt files on the server. This is due an input validation error that allows users to submit voting data to an attacker-specified file. It has been demonstrated that the issue...
Coppermine Photo Gallery Voting Restriction Bypass
The remote host is running Coppermine Gallery - a set of PHP scripts designed to handle galleries of pictures. This product has a vulnerability which allows a remote attacker with cookies disabled to cast multiple votes for a picture. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2003-1045
votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter...
CVE-2003-1045
votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter...
Получение доступа к панели администрирования в Willwin's Web Voting v.1.0
Получение доступа к панели администрирования в Willwin's Web Voting v.1.0 Название скрипта: Willwin's Web Voting Уязвимая версия: v.1.0 Сайт производителя: http://willwin.plex.ru Автор: [email protected] Дата: 13th December 2003 Пароль для получения доступа к панели управления голосованием в...
[[ TH 026 Inc. ]] SA #1 - Multiple vulnerabilities in PVote 1.5
Telhack Security Advisory - 1 Name: PVote 1.5b Impact: Minor Content manipulation, Script admin Date: April 18 / 2002 Daniel Nystrm [email protected] I N F O PVote is a PHP voting system. It uses MySQL to hold all information about the system. Author has been notified of all three problems...
PVote 1.01.5 - Poll Content Manipulation
PVote 1.01.5 - Poll Content Manipulation source: https://www.securityfocus.com/bid/4540/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible for a remote attacker to add/delete web polls just b...
PVote 1.01.5 - Unauthorized Administrative Password Change
PVote 1.01.5 - Unauthorized Administrative Password Change source: https://www.securityfocus.com/bid/4541/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible to change the administrative...
PVote 1.0/1.5 - Unauthorized Administrative Password Change
source: https://www.securityfocus.com/bid/4541/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible to change the administrative password by submitting a malicious web request containing the...
PVote 1.0/1.5 - Poll Content Manipulation
source: https://www.securityfocus.com/bid/4540/info PVote is a web voting system written in PHP. It will run on most Unix and Linux variants as well as Microsoft Windows operating systems. It is possible for a remote attacker to add/delete web polls just by manipulating the values of URL...