CVE-2024-45987

Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery CSRF via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent ...

CVE-2024-45986

A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...

Projectworlds Online Voting System 安全漏洞

Projectworlds Online Voting System is an online voting system from Projectworlds India. A security vulnerability exists in Projectworlds Online Voting System version 1.0, which stems from vulnerability to cross-site request forgery attacks via voter.php, allowing an attacker to create malicious...

CVE-2024-45986

A stored Cross-Site Scripting XSS vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account...

CVE-2024-45987

Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery CSRF via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent ...

CVE-2024-45987

Summary: CVE-2024-45987 affects Projectworld Online Voting System 1.0, with a CSRF vulnerability exploitable via the voter.php endpoint. An attacker can craft a malicious link that, when clicked by an authenticated user, submits a vote for a chosen party without user consent, abusing the user’s a...