Aaditya Singh Rajawat

28 exploits, active since Feb 2024
CVE-2022-46088 MEDIUM WRITEUP
Online Flight Booking Management System v1.0 - XSS
Online Flight Booking Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the feedback form.
CVSS 6.1
CVE-2022-46089 MEDIUM WRITEUP
Online Flight Booking Management System v1.0 - XSS
Cross Site Scripting (XSS) vulnerability in the add-airline form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.
CVSS 6.1
CVE-2022-46091 MEDIUM WRITEUP
Online Flight Booking Management System v1.0 - XSS
Cross Site Scripting (XSS) vulnerability in the feedback form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.
CVSS 4.7
CVE-2022-46497 HIGH WRITEUP
Hospital Management System 1.0 - SQL Injection
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_doc_view_single_patien.php.
CVSS 8.1
CVE-2022-46498 LOW WRITEUP
Hospital Management System 1.0 - SQL Injection
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the doc_number parameter at his_admin_view_single_employee.php.
CVSS 2.7
CVE-2022-46499 HIGH WRITEUP
Hospital Management System 1.0 - SQL Injection
Hospital Management System 1.0 was discovered to contain a SQL injection vulnerability via the pat_number parameter at his_admin_view_single_patient.php.
CVSS 8.8
CVE-2023-33676 HIGH WRITEUP
Sourcecodester Lost and Found Info Sys <1.0 - SQL Injection
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*", which can be escalated to remote command execution.
CVSS 8.4
CVE-2023-33677 HIGH WRITEUP
Sourcecodester Lost and Found Info Sys <1.0 - SQL Injection
Sourcecodester Lost and Found Information System's Version 1.0 is vulnerable to unauthenticated SQL Injection at "?page=items/view&id=*".
CVSS 7.5
CVE-2023-41014 CRITICAL WRITEUP
code-projects.org Online Job Portal 1.0 - SQL Injection
code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via the Username parameter for "Employer."
CVSS 9.8
CVE-2023-41015 MEDIUM WRITEUP
code-projects.org Online Job Portal 1.0 - SQL Injection
code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via /Employer/DeleteJob.php?JobId=1.
CVSS 5.5
CVE-2023-41503 CRITICAL WRITEUP
Student Enrollment In PHP v1.0 - SQL Injection
Student Enrollment In PHP v1.0 was discovered to contain a SQL injection vulnerability via the Login function.
CVSS 9.8
CVE-2023-41504 HIGH WRITEUP
Student Enrollment In PHP 1.0 - SQL Injection
SQL Injection vulnerability in Student Enrollment In PHP 1.0 allows attackers to run arbitrary code via the Student Search function.
CVSS 8.8
CVE-2023-41505 CRITICAL WRITEUP
Student Enrollment In PHP v1.0 - RCE
An arbitrary file upload vulnerability in the Add Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS 9.8
CVE-2023-41506 CRITICAL WRITEUP
Student Enrollment In PHP v1.0 - RCE
An arbitrary file upload vulnerability in the Update/Edit Student's Profile Picture function of Student Enrollment In PHP v1.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
CVSS 9.8
CVE-2023-42308 MEDIUM WRITEUP
Code-projects Exam Form Submission - XSS
Cross Site Scripting (XSS) vulnerability in Manage Fastrack Subjects in Code-Projects Exam Form Submission 1.0 allows attackers to run arbitrary code via the "Subject Name" and "Subject Code" Section.
CVSS 6.1
CVE-2023-43292 MEDIUM WRITEUP
My Food Recipe Using PHP <1.0 - XSS
Cross Site Scripting vulnerability in My Food Recipe Using PHP with Source Code v.1.0 allows a local attacker to execute arbitrary code via a crafted payload to the Recipe Name, Procedure, and ingredients parameters.
CVSS 6.1
CVE-2024-22917 HIGH WRITEUP
Dynamic Lab Management System Project 1.0 - RCE
SQL injection vulnerability in Dynamic Lab Management System Project in PHP v.1.0 allows a remote attacker to execute arbitrary code via a crafted script.
CVSS 8.6
CVE-2024-24092 HIGH WRITEUP
Code-projects Scholars Tracking System - SQL Injection
SQL Injection vulnerability in Code-projects.org Scholars Tracking System 1.0 allows attackers to run arbitrary code via login.php.
CVSS 7.8
CVE-2024-24093 CRITICAL WRITEUP
Code-projects Scholars Tracking System - SQL Injection
SQL Injection vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via Personal Information Update information.
CVSS 9.8
CVE-2024-24095 CRITICAL WRITEUP
Code-projects Simple Stock System - SQL Injection
Code-projects Simple Stock System 1.0 is vulnerable to SQL Injection.
CVSS 9.8
CVE-2024-24096 HIGH WRITEUP
Carmelo Computer Book Store - SQL Injection
Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via BookSBIN.
CVSS 7.8
CVE-2024-24097 MEDIUM WRITEUP
Code-projects Scholars Tracking System - XSS
Cross Site Scripting (XSS) vulnerability in Code-projects Scholars Tracking System 1.0 allows attackers to run arbitrary code via the News Feed.
CVSS 5.4
CVE-2024-24098 HIGH WRITEUP
Fabian Scholars Tracking System - SQL Injection
Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection via the News Feed.
CVSS 7.8
CVE-2024-24099 MEDIUM WRITEUP
Code-projects Scholars Tracking System - SQL Injection
Code-projects Scholars Tracking System 1.0 is vulnerable to SQL Injection under Employment Status Information Update.
CVSS 5.4
CVE-2024-24100 HIGH WRITEUP
Carmelo Computer Book Store - SQL Injection
Code-projects Computer Book Store 1.0 is vulnerable to SQL Injection via PublisherID.
CVSS 8.3