20 matches found
CVE-2023-2055
CVE-2023-2055 affects Campcodes Advanced Online Voting System 1.0. The vulnerability exists in /admin/config_save.php and stems from inadequate validation/escaping of the title parameter, enabling cross-site scripting. Exploitation can be performed remotely, and public disclosures exist (VDB-2259...
CVE-2023-2052
CVE-2023-2052 affects Campcodes Advanced Online Voting System 1.0; the vulnerability is an SQL injection in /admin/ballot_down.php via the id parameter. Exploitation is remote and the exploit has been publicly disclosed. Public CVSS data indicate a HIGH impact on confidentiality, integrity, and a...
CVE-2023-2047
The CVE-2023-2047 entry concerns Campcodes Advanced Online Voting System v1.0, where the vulnerability lies in the login.php file’s voter parameter, enabling SQL injection due to lack of input validation. Multiple connected sources document remote exploitation and public disclosure, indicating po...
CVE-2023-2054
CVE-2023-2054 affects Campcodes Advanced Online Voting System v1.0, specifically the /admin/positions_delete.php handler where manipulating the id parameter enables SQL injection. The vulnerability can be triggered remotely and exploits have been publicly disclosed. Multiple sources corroborate a...
CVE-2023-2049
Summary: CVE-2023-2049 affects Campcodes Advanced Online Voting System 1.0, where the unvalidated id parameter in /admin/ballot_up.php enables SQL injection. The vulnerability is triggered remotely, with public disclosure of exploits. Root cause appears to be lack of validation/sanitization for t...
CVE-2023-2048
CVE-2023-2048 concerns Campcodes Advanced Online Voting System v1.0. The vulnerability lies in the file /admin/voters_row.php where the parameter id is not properly validated, allowing SQL injection . The issue enables remote exploitation and public disclosure of the exploit has occurred (VDB-225...
CVE-2023-2051
CVE-2023-2051 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is a SQL injection in the /admin/positions_row.php file, triggered by the id parameter in an unknown function, allowing remote exploitation. Public exploits have been disclosed. Remediation is not specified in th...
CVE-2025-5225
CVE-2025-5225 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is a SQL injection in an unknown part of /index.php triggered by manipulating the voter parameter, with remote exploitaton and publicly disclosed exploit. Multiple coordinated sources corroborate the issue and in...
CVE-2023-2050
CVE-2023-2050 affects Campcodes Advanced Online Voting System v1.0. The vulnerability is SQL injection in the /admin/positions_add.php handler caused by unsanitized input in the description parameter. Impact is described as critical, with potential confidentiality, integrity, and availability abu...
CVE-2023-2053
CVE-2023-2053 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is a SQL injection in the /admin/candidates_row.php file driven by the id parameter, enabling remote exploitation according to public disclosures. Multiple sources confirm the flaw exists in an unknown function h...
CVE-2025-7151
The CVE-2025-7151 entry concerns Campcodes Advanced Online Voting System 1.0. The vulnerability resides in the /admin/voters_add.php handler, where manipulating the photo parameter enables unrestricted file upload, potentially allowing remote exploitation. Public disclosures and multiple adapters...
CVE-2025-7150
CVE-2025-7150 affects Campcodes Advanced Online Voting System v1.0. A vulnerability in /admin/voters_delete.php allows SQL injection via manipulation of the ID parameter. Exploitation can be performed remotely, and an exploit has been publicly disclosed. The issue exposes confidentiality, integri...
CVE-2025-7149
CVE-2025-7149 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is an SQL injection in the file /admin/candidates_delete.php caused by manipulation of the ID parameter. Exploitation is possible remotely and has been publicly disclosed. The reports consistently describe this i...
CVE-2025-7152
CVE-2025-7152 affects Campcodes Advanced Online Voting System 1.0. Affected component: an unknown function in /admin/candidates_add.php where manipulating the photo parameter enables unrestricted file upload. The vulnerability can be exploited remotely and the exploit has been publicly disclosed....
CVE-2025-11111
Campcodes Advanced Online Voting Management System 1.0 is affected by a SQL injection in the /admin/candidates_edit.php file via manipulation of the ID parameter. The vulnerability arises from improper handling of the ID argument, enabling remote exploitation and has a publicly available exploit....
CVE-2025-9694
CVE-2025-9694 affects Campcodes Advanced Online Voting System 1.0. The vulnerability lies in an unknown functionality of /admin/login.php where manipulating the Username argument enables SQL injection. Exploitation can be remote and there are public disclosures of the exploit. CVSS data indicate ...
CVE-2025-11422
The CVE-2025-11422 entry concerns Campcodes Advanced Online Voting Management System 1.0. The vulnerability is a SQL injection in an unknown function of /admin/login.php, triggered by manipulating the Username parameter. It is exploitable remotely and the exploit has been disclosed publicly. Seve...
CVE-2025-11409
CVE-2025-11409 affects Campcodes Advanced Online Voting Management System 1.0. The vulnerability is in an unknown function in /index.php where manipulating the voter parameter enables SQL injection. Remote exploitation is possible, and the exploit is public. Multiple sources corroborate the issue...
CVE-2025-11410
Affects Campcodes Advanced Online Voting Management System 1.0. The vulnerability lies in the /admin/voters_add.php endpoint where manipulating the firstname argument can cause a SQL injection. It is remotely exploitable and an exploit has been published; other parameters may be affected. Remedia...
CVE-2025-11417
CVE-2025-11417 affects Campcodes Advanced Online Voting Management System 1.0. The issue is in the unknown code of /admin/voters_add.php where manipulating the photo argument can lead to unrestricted file upload. Attack is remote and, per the documents, the exploit has been publicly released. Con...