1238 matches found
CVE-2026-14648
A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function testinput of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to...
CVE-2026-14649
A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...
CVE-2026-14649 code-projects Online Voting System saveVote.php test_input sql injection
A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...
CVE-2026-14649
A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...
CVE-2026-14649
The CVE-2026-14649 entry concerns code-projects Online Voting System 1.0. The vulnerability is in the test_input function of /saveVote.php, where manipulating the arguments voterName, voterEmail, voterID, or selectedCandidate leads to SQL injection. The flaw is exploitable remotely over the netwo...
EUVD-2026-41693
A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...
CVE-2026-14648 code-projects Online Voting System Login authentication.php test_input sql injection
A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function testinput of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to...
EUVD-2026-41692
A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function testinput of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to...
CVE-2026-14648
The CVE details a SQL injection in code-projects Online Voting System (versions up to 0.x/1.0) via the Login component, affecting the function test_input in /authentication.php. By manipulating adminUserName/adminPassword arguments, an attacker can exploit the vulnerability remotely. The exploit ...
PT-2026-55728
Name of the Vulnerable Software and Affected Versions code-projects Online Voting System version 1.0 Description A remote SQL injection is possible through the manipulation of the voterName, voterEmail, voterID, or selectedCandidate variables within the test input function of the '/saveVote.php'...
CVE-2026-8337
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...
CVE-2026-34065
nimiq-primitives contains primitives e.g., block, account, transaction to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key. Hashi...
A Hybrid Approach for Malware Classification Using Secondary Features Fusion
The number of malware either variant or novel is rapidly increasing, making malware detection and mitigation a complex problem. One approach to improving malware mitigation is automatic detection and malware family classification. However, traditional malware detection methods cannot classify...
Pre-Characterization of Electromagnetic Side-Channel Leakage Using Publicly Available Information: A Case Study on E-Voting Interfaces
In this work, we study the interface of the Brazilian e-Voting Machine BVM in the context of electromagnetic side-channel threats commonly referred to as TEMPEST attacks. In a TEMPEST attack against video displays, an eavesdropper uses Software-Defined Radios SDRs to recover sensitive information...
EUVD-2026-31359
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...
CVE-2026-8337
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...
CVE-2026-8337
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...
CVE-2026-8337 Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys when sites are running concurrent public surveys and private surveys
Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...
PT-2026-42565
Name of the Vulnerable Software and Affected Versions Concrete CMS versions 9.5.0 and earlier Description An Insecure Direct Object Reference IDOR exists in the surveys feature. This occurs when a site is configured with both public and private surveys. An unauthenticated attacker can vote in a...
Public Voting Records: A Record, or an Attack Surface?
This is a whitepaper discussing a formal methodology for auditing voter-file disclosure regimes against linkage attacks...