Lucene search
K
CampcodesAdvanced Online Voting System

20 matches found

CVE
CVE
•added 2023/04/14 1:0 p.m.•232 views

CVE-2023-2055

CVE-2023-2055 affects Campcodes Advanced Online Voting System 1.0. The vulnerability exists in /admin/config_save.php and stems from inadequate validation/escaping of the title parameter, enabling cross-site scripting. Exploitation can be performed remotely, and public disclosures exist (VDB-2259...

6.1CVSS4.9AI score0.00604EPSS
Web
CVE
CVE
•added 2023/04/14 12:0 p.m.•110 views

CVE-2023-2052

CVE-2023-2052 affects Campcodes Advanced Online Voting System 1.0; the vulnerability is an SQL injection in /admin/ballot_down.php via the id parameter. Exploitation is remote and the exploit has been publicly disclosed. Public CVSS data indicate a HIGH impact on confidentiality, integrity, and a...

8.8CVSS8.3AI score0.00747EPSS
Web
CVE
CVE
•added 2023/04/14 10:31 a.m.•108 views

CVE-2023-2047

The CVE-2023-2047 entry concerns Campcodes Advanced Online Voting System v1.0, where the vulnerability lies in the login.php file’s voter parameter, enabling SQL injection due to lack of input validation. Multiple connected sources document remote exploitation and public disclosure, indicating po...

8.8CVSS7.1AI score0.00746EPSS
CVE
CVE
•added 2023/04/14 12:31 p.m.•107 views

CVE-2023-2054

CVE-2023-2054 affects Campcodes Advanced Online Voting System v1.0, specifically the /admin/positions_delete.php handler where manipulating the id parameter enables SQL injection. The vulnerability can be triggered remotely and exploits have been publicly disclosed. Multiple sources corroborate a...

8.8CVSS7.1AI score0.00747EPSS
Web
CVE
CVE
•added 2023/04/14 11:0 a.m.•103 views

CVE-2023-2049

Summary: CVE-2023-2049 affects Campcodes Advanced Online Voting System 1.0, where the unvalidated id parameter in /admin/ballot_up.php enables SQL injection. The vulnerability is triggered remotely, with public disclosure of exploits. Root cause appears to be lack of validation/sanitization for t...

8.8CVSS7.2AI score0.0074EPSS
Web
CVE
CVE
•added 2023/04/14 10:31 a.m.•100 views

CVE-2023-2048

CVE-2023-2048 concerns Campcodes Advanced Online Voting System v1.0. The vulnerability lies in the file /admin/voters_row.php where the parameter id is not properly validated, allowing SQL injection . The issue enables remote exploitation and public disclosure of the exploit has occurred (VDB-225...

8.8CVSS7.1AI score0.0074EPSS
Web
CVE
CVE
•added 2023/04/14 11:31 a.m.•90 views

CVE-2023-2051

CVE-2023-2051 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is a SQL injection in the /admin/positions_row.php file, triggered by the id parameter in an unknown function, allowing remote exploitation. Public exploits have been disclosed. Remediation is not specified in th...

8.8CVSS8.4AI score0.00753EPSS
Web
CVE
CVE
•added 2025/05/27 2:31 a.m.•54 views

CVE-2025-5225

CVE-2025-5225 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is a SQL injection in an unknown part of /index.php triggered by manipulating the voter parameter, with remote exploitaton and publicly disclosed exploit. Multiple coordinated sources corroborate the issue and in...

9.8CVSS7.5AI score0.00415EPSS
CVE
CVE
•added 2023/04/14 11:31 a.m.•50 views

CVE-2023-2050

CVE-2023-2050 affects Campcodes Advanced Online Voting System v1.0. The vulnerability is SQL injection in the /admin/positions_add.php handler caused by unsanitized input in the description parameter. Impact is described as critical, with potential confidentiality, integrity, and availability abu...

8.8CVSS8.3AI score0.00795EPSS
Web
CVE
CVE
•added 2023/04/14 12:31 p.m.•43 views

CVE-2023-2053

CVE-2023-2053 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is a SQL injection in the /admin/candidates_row.php file driven by the id parameter, enabling remote exploitation according to public disclosures. Multiple sources confirm the flaw exists in an unknown function h...

8.8CVSS7.1AI score0.00747EPSS
Web
CVE
CVE
•added 2025/07/07 11:2 p.m.•27 views

CVE-2025-7151

The CVE-2025-7151 entry concerns Campcodes Advanced Online Voting System 1.0. The vulnerability resides in the /admin/voters_add.php handler, where manipulating the photo parameter enables unrestricted file upload, potentially allowing remote exploitation. Public disclosures and multiple adapters...

8.8CVSS6.5AI score0.00359EPSS
Web
CVE
CVE
•added 2025/07/07 10:32 p.m.•24 views

CVE-2025-7150

CVE-2025-7150 affects Campcodes Advanced Online Voting System v1.0. A vulnerability in /admin/voters_delete.php allows SQL injection via manipulation of the ID parameter. Exploitation can be performed remotely, and an exploit has been publicly disclosed. The issue exposes confidentiality, integri...

8.8CVSS6.8AI score0.00361EPSS
Web
CVE
CVE
•added 2025/07/07 10:2 p.m.•23 views

CVE-2025-7149

CVE-2025-7149 affects Campcodes Advanced Online Voting System 1.0. The vulnerability is an SQL injection in the file /admin/candidates_delete.php caused by manipulation of the ID parameter. Exploitation is possible remotely and has been publicly disclosed. The reports consistently describe this i...

8.8CVSS7.6AI score0.00361EPSS
Web
CVE
CVE
•added 2025/07/07 11:32 p.m.•23 views

CVE-2025-7152

CVE-2025-7152 affects Campcodes Advanced Online Voting System 1.0. Affected component: an unknown function in /admin/candidates_add.php where manipulating the photo parameter enables unrestricted file upload. The vulnerability can be exploited remotely and the exploit has been publicly disclosed....

8.8CVSS6.6AI score0.00359EPSS
Web
CVE
CVE
•added 2025/09/28 4:32 p.m.•20 views

CVE-2025-11111

Campcodes Advanced Online Voting Management System 1.0 is affected by a SQL injection in the /admin/candidates_edit.php file via manipulation of the ID parameter. The vulnerability arises from improper handling of the ID argument, enabling remote exploitation and has a publicly available exploit....

9.8CVSS6.6AI score0.00441EPSS
Web
CVE
CVE
•added 2025/08/30 3:2 p.m.•19 views

CVE-2025-9694

CVE-2025-9694 affects Campcodes Advanced Online Voting System 1.0. The vulnerability lies in an unknown functionality of /admin/login.php where manipulating the Username argument enables SQL injection. Exploitation can be remote and there are public disclosures of the exploit. CVSS data indicate ...

9.8CVSS7AI score0.00494EPSS
Web
CVE
CVE
•added 2025/10/08 1:32 a.m.•18 views

CVE-2025-11422

The CVE-2025-11422 entry concerns Campcodes Advanced Online Voting Management System 1.0. The vulnerability is a SQL injection in an unknown function of /admin/login.php, triggered by manipulating the Username parameter. It is exploitable remotely and the exploit has been disclosed publicly. Seve...

9.8CVSS7.3AI score0.00479EPSS
Web
CVE
CVE
•added 2025/10/07 9:2 p.m.•14 views

CVE-2025-11409

CVE-2025-11409 affects Campcodes Advanced Online Voting Management System 1.0. The vulnerability is in an unknown function in /index.php where manipulating the voter parameter enables SQL injection. Remote exploitation is possible, and the exploit is public. Multiple sources corroborate the issue...

8.8CVSS6.4AI score0.00306EPSS
CVE
CVE
•added 2025/10/07 9:32 p.m.•13 views

CVE-2025-11410

Affects Campcodes Advanced Online Voting Management System 1.0. The vulnerability lies in the /admin/voters_add.php endpoint where manipulating the firstname argument can cause a SQL injection. It is remotely exploitable and an exploit has been published; other parameters may be affected. Remedia...

8.8CVSS6.3AI score0.00306EPSS
Web
CVE
CVE
•added 2025/10/07 11:32 p.m.•13 views

CVE-2025-11417

CVE-2025-11417 affects Campcodes Advanced Online Voting Management System 1.0. The issue is in the unknown code of /admin/voters_add.php where manipulating the photo argument can lead to unrestricted file upload. Attack is remote and, per the documents, the exploit has been publicly released. Con...

8.8CVSS6.7AI score0.00299EPSS
Web