RSS   Vulnerabilities for 'Fauzantrif election'   RSS

2020-02-22
 
CVE-2020-9340

CWE-89
 

 
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.

 
 
CVE-2020-9336

CWE-79
 

 
fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if election is closed" field.

 


Copyright 2024, cxsecurity.com

 

Back to Top