Lucene search
K
FabianVoting System

10 matches found

CVE
CVE
added 2025/07/14 12:14 a.m.39 views

CVE-2025-7555

CVE-2025-7555 affects code-projects Voting System 1.0. The vulnerability is in the file /admin/voters_add.php where user-supplied firstname/lastname are directly concatenated into an SQL statement, enabling SQL injection. Several connected sources (CNVD, CNNVD, Red Hat, NVD, PT-2025-29400) confir...

8.8CVSS6.8AI score0.00318EPSS
Web
CVE
CVE
added 2025/07/14 12:44 a.m.30 views

CVE-2025-7557

CVE-2025-7557 affects code-projects Voting System 1.0. The vulnerable component is the file /admin/voters_row.php where the input parameter id is concatenated into an SQL statement, causing an SQL injection. Multiple connected sources confirm remote, unauthenticated exploitation with the possibil...

8.8CVSS6.8AI score0.00318EPSS
Web
CVE
CVE
added 2025/07/14 6:44 a.m.30 views

CVE-2025-7581

CVE-2025-7581 affects code-projects Voting System 1.0. The vulnerability lies in the file /admin/positions_edit.php , where the user-supplied id parameter is directly concatenated into an SQL statement, causing an SQL injection. Documents show remote exploitability and publicly disclosed PoC/use,...

8.8CVSS6.8AI score0.00318EPSS
Web
CVE
CVE
added 2025/07/14 12:32 a.m.27 views

CVE-2025-7556

CVE-2025-7556 affects code-projects Voting System 1.0. The vulnerability is an SQL injection in the file /admin/voters_edit.php caused by directly concatenating user-supplied input (e.g., the ID parameter) into SQL statements, enabling remote exploitation and potential data theft. Multiple connec...

8.8CVSS6.8AI score0.00318EPSS
Web
CVE
CVE
added 2025/07/14 1:3 a.m.27 views

CVE-2025-7558

CVE-2025-7558 describes a SQL injection in code-projects Voting System 1.0, exploitable via manipulation of the description parameter in /admin/positions_add.php. Multiple sources confirm the vulnerability, with public PoC and related exploits (e.g., CVE PoC repo) and CNVD/Red Hat entries reitera...

8.8CVSS6.7AI score0.00318EPSS
Web
CVE
CVE
added 2025/07/14 6:32 a.m.25 views

CVE-2025-7580

CVE-2025-7580 affects code-projects Voting System 1.0. The SQL injection arises from the /admin/positions_row.php file where the user-supplied id is directly concatenated into an SQL statement, enabling remote exploitation and potential data leakage if exploited. Public disclosures and PoCs exist...

8.8CVSS6.8AI score0.00318EPSS
Web
CVE
CVE
added 2025/07/26 1:4 a.m.24 views

CVE-2025-8174

CVE-2025-8174 affects code-projects Voting System 1.0. The vulnerability is in /admin/candidates_add.php where the photo upload is not properly validated, allowing unrestricted file uploads (potential webshell). Exploitation described as remote with public disclosure; PoC exists in public sources...

6.5CVSS6.4AI score0.00349EPSS
Web
CVE
CVE
added 2025/10/08 1:2 a.m.22 views

CVE-2025-11421

CVE-2025-11421 applies to code-projects Voting System 1.0. The flaw is a cross-site scripting vulnerability in the unknown function of the file /admin/candidates_edit.php , caused by manipulating the arguments Firstname/Lastname/Platform . Remote exploitation is possible, and an exploit has been ...

5.4CVSS3.8AI score0.00286EPSS
Web
CVE
CVE
added 2025/10/08 11:32 p.m.16 views

CVE-2025-11512

CVE-2025-11512 affects code-projects Voting System 1.0. The issue is a cross-site scripting vulnerability in the file /admin/voters_add.php caused by improper handling of the Firstname/Lastname/Platform parameters. It can be exploited remotely and the exploit has been made public. Affected versio...

6.1CVSS4.1AI score0.00364EPSS
Web
CVE
CVE
added 2025/10/08 10:32 p.m.13 views

CVE-2025-11508

Voting System 1.0 contains a vulnerability in /admin/voters_add.php where manipulating the photo argument enables unrestricted file uploads. The issue is remotely exploitable and has publicly disclosed exploit information. No patch/version remediation details are provided in the supplied document...

9.8CVSS5AI score0.0041EPSS
Web