vote software vulnerabilities
vulnerabilities.aspcode.net
Searching vote software vulnerabilities
Directory traversal vulnerability in vote.cgi f
vulnerability
|
attackers
|
arbitrary
|
Directory
|
traversal
|
votecgi
|
before
|
remote
|
allows
|
Mike's
|
files
|
Spice
|
write
|
Mike
|
Vote
|
via
|
CGI
|
Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot dot) sequences in the type parameter.
KvPoll 1.1 allows remote authenticated users to
clear_cookiesphp
|
"already_voted"
|
authenticated
|
including
|
various
|
setting
|
methods
|
allows
|
cookie
|
KvPoll
|
direct
|
remote
|
users
|
call
|
more
|
vote
|
once
|
than
|
KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php.
HolaCMS 1.4.9 does not restrict file access to
HolaCMS
|
HolaCMS 1.4.9 does not restrict file access to the holaDB/votes directory, which allows remote attackers to overwrite arbitrary files via a modified vote_filename parameter.
Directory traversal vulnerability in HolaCMS 1.
"holaDB/votes"
|
vulnerability
|
attackers
|
arbitrary
|
Directory
|
traversal
|
overwrite
|
followed
|
HolaCMS
|
allows
|
remote
|
149-1
|
files
|
via
|
Directory traversal vulnerability in HolaCMS 1.4.9-1 allows remote attackers to overwrite arbitrary files via a "holaDB/votes" followed by a .. (dot dot) in the vote_filename parameter, which bypasses the check by HolaCMS to ensure that the file is in the holaDB/votes directory.
SQL injection vulnerability in index.php in Com
vulnerability
|
campaign_id
|
parameter
|
arbitrary
|
attackers
|
injection
|
commands
|
indexphp
|
execute
|
earlier
|
action
|
result
|
Caster
|
Comdev
|
allows
|
remote
|
Vote
|
SQL
|
via
|
SQL injection vulnerability in index.php in Comdev Vote Caster 3.1 and earlier allows remote attackers to execute arbitrary SQL commands via the campaign_id parameter in a result action.
SQL injection vulnerability in poll_frame.php i
vulnerability
|
poll_framephp
|
attackers
|
arbitrary
|
injection
|
parameter
|
commands
|
execute
|
poll_id
|
earlier
|
allows
|
remote
|
Vote
|
SQL
|
Pro
|
via
|
SQL injection vulnerability in poll_frame.php in Vote! Pro 4.0 and earlier allows remote attackers to execute arbitrary SQL commands via the poll_id parameter.
polls.php in MyBB (aka MyBulletinBoard) 1.10 al
pollsphp
|
MyBB
|
polls.php in MyBB (aka MyBulletinBoard) 1.10 allows remote attackers to obtain sensitive information via a vote action with an "option[]=null" parameter value, which reveals the path in an error message.
PHP remote file inclusion vulnerability in incl
vulnerability
|
includephp
|
inclusion
|
Importer
|
possibly
|
Comdev
|
remote
|
file
|
used
|
CSV
|
PHP
|
PHP remote file inclusion vulnerability in include.php in Comdev CSV Importer 3.1 and possibly 4.1, as used in (1) Comdev Contact Form 3.1, (2) Comdev Customer Helpdesk 3.1, (3) Comdev Events Calendar 3.1, (4) Comdev FAQ Support 3.1, (5) Comdev Guestbook 3.1, (6) Comdev Links Directory 3.1, (7) Comdev News Publisher 3.1, (8) Comdev Newsletter 3.1, (9) Comdev Photo Gallery 3.1, (10) Comdev Vote Caster 3.1, (11) Comdev Web Blogger 3.1, and (12) Comdev eCommerce 3.1, allows remote attackers to execute arbitrary PHP code via a URL in the path[docroot] parameter. NOTE: it has been reported that 4.1 versions might also be affected.
Eval injection vulnerability in poll_frame.php
vulnerability
|
poll_framephp
|
CVE-2005-4632
|
arbitrary
|
parameter
|
attackers
|
injection
|
different
|
possibly
|
function
|
supplied
|
poll_id
|
execute
|
scripts
|
allows
|
remote
|
other
|
which
|
type
|
Vote
|
Eval
|
than
|
code
|
call
|
via
|
Pro
|
Eval injection vulnerability in poll_frame.php in Vote! Pro 4.0, and possibly other scripts, allows remote attackers to execute arbitrary code via the poll_id parameter, which is supplied to an eval function call, a different vulnerability type than CVE-2005-4632.
Multiple eval injection vulnerabilities in Vote
vulnerabilities
|
CVE-2007-0504
|
unspecified
|
attackers
|
arbitrary
|
parameter
|
different
|
injection
|
supplied
|
requests
|
possibly
|
Multiple
|
function
|
vectors
|
poll_id
|
scripts
|
earlier
|
execute
|
remote
|
allow
|
calls
|
which
|
code
|
than
|
eval
|
Vote
|
set
|
Pro
|
via
|
PHP
|
Multiple eval injection vulnerabilities in Vote! Pro 4.0, and possibly earlier, allow remote attackers to execute arbitrary code via requests to unspecified PHP scripts with the poll_id parameter, which is supplied to eval function calls, a different set of vectors than CVE-2007-0504. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.
Multiple PHP remote file inclusion vulnerabilit
vulnerabilities
|
depouilgphp3
|
inclusion
|
attackers
|
arbitrary
|
Stephane
|
Multiple
|
execute
|
Pineau
|
remote
|
allow
|
code
|
VOTE
|
file
|
URL
|
via
|
PHP
|
Multiple PHP remote file inclusion vulnerabilities in depouilg.php3 in Stephane Pineau VOTE 1c allow remote attackers to execute arbitrary PHP code via a URL in the (1) NomVote and (2) FilePalHex parameters.
Software vulnerabilities results 1 to 12 of 12
Page:
1