Vulnerabilities > Projectworlds > Online Voting System Project > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-12-20 CVE-2023-48434 SQL Injection vulnerability in Projectworlds Online Voting System Project 1.0
Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the reg_action.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
9.8
2023-12-20 CVE-2023-48433 SQL Injection vulnerability in Projectworlds Online Voting System Project 1.0
Online Voting System Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the login_action.php resource does not validate the characters received and they are sent unfiltered to the database.
network
low complexity
projectworlds CWE-89
critical
9.8