Skip to main content

Online Voting System

4 CVEs product

Monthly

CVE-2026-14648 MEDIUM POC This Month

Unauthenticated SQL injection in code-projects Online Voting System 0.x-1.0 exposes the admin login endpoint to full authentication bypass and database extraction. The vulnerability resides in the `test_input` function within `/authentication.php`, where the `adminUserName` and `adminPassword` parameters are passed unsanitized into SQL queries, enabling classic injection attacks against the login form. A public proof-of-concept exploit has been published on GitHub; no vendor patch has been identified at time of analysis.

SQLi PHP Online Voting System
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.3%
CVE-2024-45987 MEDIUM POC This Month

Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Online Voting System
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2023-43470 CRITICAL POC Act Now

SQL injection vulnerability in janobe Online Voting System v.1.0 allows a remote attacker to execute arbitrary code via the checklogin.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP SQLi Online Voting System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2020-29239 MEDIUM POC This Month

Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Online Voting System
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
0.5%
EPSS 0% CVSS 5.5
MEDIUM POC This Month

Unauthenticated SQL injection in code-projects Online Voting System 0.x-1.0 exposes the admin login endpoint to full authentication bypass and database extraction. The vulnerability resides in the `test_input` function within `/authentication.php`, where the `adminUserName` and `adminPassword` parameters are passed unsanitized into SQL queries, enabling classic injection attacks against the login form. A public proof-of-concept exploit has been published on GitHub; no vendor patch has been identified at time of analysis.

SQLi PHP Online Voting System
NVD VulDB GitHub
EPSS 0% CVSS 6.5
MEDIUM POC This Month

Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Online Voting System
NVD GitHub
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

SQL injection vulnerability in janobe Online Voting System v.1.0 allows a remote attacker to execute arbitrary code via the checklogin.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE PHP SQLi +1
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM POC This Month

Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Online Voting System
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy