Filtered by vendor Online Voting System Project
Subscriptions
Filtered by product Online Voting System
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45987 | 1 Online Voting System Project | 1 Online Voting System | 2024-10-05 | 6.5 Medium |
| Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent or knowledge. The attack leverages the user's active session to perform the unauthorized action, compromising the integrity of the voting process. | ||||
| CVE-2024-45986 | 1 Online Voting System Project | 1 Online Voting System | 2024-09-30 | 5.4 Medium |
| A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account information is accessed. | ||||
Page 1 of 1.