Vulnerabilities > Cardozatechnologies

DATE CVE VULNERABILITY TITLE RISK
2024-01-17 CVE-2022-41990 Cross-Site Request Forgery (CSRF) vulnerability in Cardozatechnologies Cardoza-3D-Tag-Cloud
Cross-Site Request Forgery (CSRF) vulnerability in Vinoj Cardoza 3D Tag Cloud allows Stored XSS.This issue affects 3D Tag Cloud: from n/a through 3.8.
network
low complexity
cardozatechnologies CWE-352
8.8
2020-02-13 CVE-2013-1401 SQL Injection vulnerability in Cardozatechnologies Wordpress Poll 34.05
Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.
network
low complexity
cardozatechnologies CWE-89
7.5
2020-02-13 CVE-2013-1400 SQL Injection vulnerability in Cardozatechnologies Wordpress Poll 34.05/34.06
Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.
network
low complexity
cardozatechnologies CWE-89
7.5