13 matches found
CVE-2024-45987
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery CSRF via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent ...
CVE-2024-45986
A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...
CVE-2024-51327
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields...
CVE-2024-51327
SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields...
CVE-2024-51327
ProjectWorlds Travel Management System v1.0 is affected by a SQL Injection in loginform.php (fields: username, password) that can allow authentication bypass. The issue is documented across multiple sources (NVD/Red Hat/CVE list/CNNVD/PT-Security) with high-severity metrics (CVSSv3.1: AV:N/AC:L/P...
CVE-2024-45986
A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...
CVE-2024-45986
A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...
CVE-2024-45987
Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery CSRF via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent ...
PT-2024-31873 · Unknown · Projectworld Online Voting System
Name of the Vulnerable Software and Affected Versions: Projectworld Online Voting System version 1.0 Description: The issue allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent or...
CVE-2024-45986
A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...
PT-2024-31872 · Unknown · Projectworld Online Voting System
Name of the Vulnerable Software and Affected Versions: Projectworld Online Voting System version 1.0 Description: A stored Cross-Site Scripting XSS issue was identified that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed i...
CVE-2024-45986
Projectworld Online Voting System 1.0 contains a stored Cross-Site Scripting (XSS) vulnerability. The flaw occurs when an account is registered with a malicious JavaScript payload, which is stored and later executed in voter.php and profile.php whenever account information is accessed. Affected d...
CVE-2024-45986
A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...