2 matches found
CVE-2024-45986
A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...
PT-2024-31873 · Unknown · Projectworld Online Voting System
Name of the Vulnerable Software and Affected Versions: Projectworld Online Voting System version 1.0 Description: The issue allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent or...