Primary

Context

Code-Projects Automated Voting System Unauthorized Access Vulnerability

Vulnerability

A vulnerability allowing unauthorized access to the backend has been identified in Code-Projects Automated Voting System version 1.0. The issue arises in the Backend component, specifically within the vote.php file. This vulnerability allows attackers to bypass the login process by directly accessing vote.php, which includes sess.php. As a result, they can manipulate data and cause data leakage.

Impact

Exploitation of this vulnerability bypasses authentication, allowing direct access to the backend. This could lead to unauthorized data manipulation and leakage.

Reproduction

To reproduce this vulnerability, access the vote.php file directly. This will bypass the authentication process and grant access to the backend, allowing for data manipulation and leakage.

Added: Jun 20, 2025, 7:08 PM

Updated: Jun 20, 2025, 7:08 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.0

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

6.0

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Code-Projects Automated Voting System Unauthorized Access Vulnerability

Vulnerability

Impact

Reproduction

Affected Products

code-projects Automated Voting System

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating