0xashfaq

2 exploits Active since Sep 2024

CVE-2024-44851 WRITEUP MEDIUM WRITEUP

Perfex CRM <1.1.0 - XSS

A stored cross-site scripting (XSS) vulnerability in the Discussion section of Perfex CRM v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter.

CVSS 5.4

View Code

CVE-2024-46639 WRITEUP HIGH WORKING POC

HelpDeskZ <2.0.2 - XSS

A cross-site scripting (XSS) vulnerability in HelpDeskZ v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field of Custom Fields message box.

CVSS 7.6

View Code