
CVE-2023-43470
https://notcve.org/view.php?id=CVE-2023-43470
22 Sep 2023 — SQL injection vulnerability in janobe Online Voting System v.1.0 allows a remote attacker to execute arbitrary code via the checklogin.php component. Vulnerabilidad de inyección SQL en janobe Online Voting System v.1.0 permite a un atacante remoto ejecutar código arbitrario a través del componente checklogin.php. • https://gist.github.com/ae6e361b/1ed56fbfbbfd368835b8a8089f8ee64a • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2020-29239
https://notcve.org/view.php?id=CVE-2020-29239
02 Dec 2020 — Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). This vulnerability can result in an attacker injecting the XSS payload in the User Registration section. When an admin visits the View Detail of Application section from the admin panel, the attacker can able to steal the cookie according to the crafted payload. Online Birth Certificate System Project versión V 1.0, está afectado por una vulnerabilidad de tipo cross-site scripting (XSS). Esta vulnerabilidad puede r... • https://www.exploit-db.com/exploits/49159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •