Lucene search
K

1238 matches found

NVD
NVD
added 2026/07/04 8:16 p.m.9 views

CVE-2026-14648

A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function testinput of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to...

7.5CVSS0.00347EPSS
Exploits0References6
NVD
NVD
added 2026/07/04 8:16 p.m.9 views

CVE-2026-14649

A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...

7.5CVSS0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/04 7:45 p.m.32 views

CVE-2026-14649 code-projects Online Voting System saveVote.php test_input sql injection

A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...

7.5CVSS0.00269EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/04 7:45 p.m.9 views

CVE-2026-14649

A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...

7.5CVSS7AI score0.00269EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/07/04 7:45 p.m.19 views

CVE-2026-14649

The CVE-2026-14649 entry concerns code-projects Online Voting System 1.0. The vulnerability is in the test_input function of /saveVote.php, where manipulating the arguments voterName, voterEmail, voterID, or selectedCandidate leads to SQL injection. The flaw is exploitable remotely over the netwo...

7.5CVSS7AI score0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/04 7:45 p.m.10 views

EUVD-2026-41693

A vulnerability was detected in code-projects Online Voting System 1.0. Impacted is the function testinput of the file /saveVote.php. Performing a manipulation of the argument voterName/voterEmail/voterID/selectedCandidate results in sql injection. The attack can be initiated remotely...

7.5CVSS7AI score0.00269EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/04 7:15 p.m.34 views

CVE-2026-14648 code-projects Online Voting System Login authentication.php test_input sql injection

A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function testinput of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to...

7.5CVSS0.00347EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/04 7:15 p.m.7 views

EUVD-2026-41692

A security vulnerability has been detected in code-projects Online Voting System up to 0.x/1.0. This issue affects the function testinput of the file /authentication.php of the component Login. Such manipulation of the argument adminUserName/adminPassword leads to sql injection. It is possible to...

7.5CVSS6.8AI score0.00347EPSS
Exploits0References6
CVE
CVE
added 2026/07/04 7:15 p.m.20 views

CVE-2026-14648

The CVE details a SQL injection in code-projects Online Voting System (versions up to 0.x/1.0) via the Login component, affecting the function test_input in /authentication.php. By manipulating adminUserName/adminPassword arguments, an attacker can exploit the vulnerability remotely. The exploit ...

7.5CVSS6.8AI score0.00347EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.12 views

PT-2026-55728

Name of the Vulnerable Software and Affected Versions code-projects Online Voting System version 1.0 Description A remote SQL injection is possible through the manipulation of the voterName, voterEmail, voterID, or selectedCandidate variables within the test input function of the '/saveVote.php'...

7.5CVSS7.1AI score0.00269EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2026/06/05 7:24 p.m.9 views

CVE-2026-8337

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...

6.3CVSS5.3AI score0.00194EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.13 views

CVE-2026-34065

nimiq-primitives contains primitives e.g., block, account, transaction to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key. Hashi...

7.5CVSS5.4AI score0.00372EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/06/02 12:0 a.m.10 views

A Hybrid Approach for Malware Classification Using Secondary Features Fusion

The number of malware either variant or novel is rapidly increasing, making malware detection and mitigation a complex problem. One approach to improving malware mitigation is automatic detection and malware family classification. However, traditional malware detection methods cannot classify...

5.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/24 12:0 a.m.17 views

Pre-Characterization of Electromagnetic Side-Channel Leakage Using Publicly Available Information: A Case Study on E-Voting Interfaces

In this work, we study the interface of the Brazilian e-Voting Machine BVM in the context of electromagnetic side-channel threats commonly referred to as TEMPEST attacks. In a TEMPEST attack against video displays, an eavesdropper uses Software-Defined Radios SDRs to recover sensitive information...

5.8AI score
Exploits0
EUVD
EUVD
added 2026/05/22 12:31 a.m.13 views

EUVD-2026-31359

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...

6.3CVSS5.8AI score0.00194EPSS
Exploits0References2
NVD
NVD
added 2026/05/21 10:16 p.m.20 views

CVE-2026-8337

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...

6.3CVSS0.00194EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/21 9:13 p.m.8 views

CVE-2026-8337

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...

6.3CVSS5.8AI score0.00194EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/21 9:13 p.m.33 views

CVE-2026-8337 Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys when sites are running concurrent public surveys and private surveys

Concrete CMS 9.5.0 and below is vulnerable to IDOR in surveys. To be vulnerable, a site would have to be configured in such a way that both public and private surveys are present on the site. An unauthenticated attacker can vote in the restricted survey by submitting the restricted optionID throu...

6.3CVSS0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.14 views

PT-2026-42565

Name of the Vulnerable Software and Affected Versions Concrete CMS versions 9.5.0 and earlier Description An Insecure Direct Object Reference IDOR exists in the surveys feature. This occurs when a site is configured with both public and private surveys. An unauthenticated attacker can vote in a...

6.3CVSS5.7AI score0.00194EPSS
Exploits0References4
Packet Storm News
Packet Storm News
added 2026/05/04 12:0 a.m.14 views

Public Voting Records: A Record, or an Attack Surface?

This is a whitepaper discussing a formal methodology for auditing voter-file disclosure regimes against linkage attacks...

5.8AI score
Exploits0
Rows per page
Query Builder