Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Very Low

CVE-2020-9340

Disclosure Date: February 22, 2020 (last updated February 21, 2025)
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
1
Attacker Value
Unknown

CVE-2020-9336

Disclosure Date: February 22, 2020 (last updated February 21, 2025)
fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if election is closed" field.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0