Advanced Voting Management System
Monthly
Improper authorization in Campcodes Advanced Voting Management System 1.0 allows authenticated remote attackers to manipulate the ID parameter in /admin/voters_edit.php, resulting in unauthorized modification of voter passwords. The vulnerability affects the Password Handler component and requires valid user credentials to exploit, limiting real-world risk despite public exploit availability. EPSS exploitation probability is low at 0.06 percentile, suggesting this flaw targets specific administrative scenarios rather than representing widespread attack potential.
Improper authorization in Campcodes Advanced Voting Management System 1.0 allows authenticated remote attackers to manipulate the ID parameter in /admin/voters_edit.php, resulting in unauthorized modification of voter passwords. The vulnerability affects the Password Handler component and requires valid user credentials to exploit, limiting real-world risk despite public exploit availability. EPSS exploitation probability is low at 0.06 percentile, suggesting this flaw targets specific administrative scenarios rather than representing widespread attack potential.