CVE-2026-20219

A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...

CVE-2026-20219

Cisco Slido REST API contains an insecure direct object reference that could let an authenticated, remote attacker view other users’ social profiles or affect quiz/poll results via a crafted request. Impact described as low confidentiality and integrity impact, with no availability impact. Cisco ...

Cisco Slido Insecure Direct Object Reference Vulnerability

A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...

EUVD-2023-48179

Malicious code in bioql PyPI...

CVE-2021-24442

The Poll, Survey, Questionnaire and Voting system WordPress plugin before 1.5.3 did not sanitise, escape or validate the dateanswers POST parameter before using it in a SQL statement when sending a Poll result, allowing unauthenticated users to perform SQL Injection attacks...

Misskey 输入验证错误漏洞

Misskey is a perpetually free open source federated social media platform from Misskey Open Source. An input validation error vulnerability exists in Misskey versions 10.92.1 through prior to 2024.11.0-alpha.3, which stems from a lack of authentication that allows an attacker to modify the result...

CVE-2023-43814 Exposure of poll options and votes to unauthorized users in Discourse

Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the /polls/groupedpollresults endpoint to view the content of options in the poll and the number of votes for groups of poll participants. This impacts private polls where t...

PT-2023-29000 · Discourse · Discourse

Name of the Vulnerable Software and Affected Versions: Discourse versions prior to 3.1.1 stable Discourse versions prior to 3.2.0.beta2 Description: Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can use the "/polls/grouped poll...

Code injection

BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll...

BigBlueButton 信息泄露漏洞

BigBlueButton is an open source web conferencing system from the BigBlueButton community. An information disclosure vulnerability exists in versions of BigBlueButton prior to 2.4.0, which can be exploited by an attacker to start a subscription to the results of an anonymous poll before it is...

WordPress 插件 SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . The WordPress plugin suffers from a code injection...

Smart ASP Survey - Cross-Site Scripting / SQL Injection

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : Inj3ct0r.com 0 1 + Support e-mail :...