Anmol K Sachan

4 exploits Active since Feb 2021
CVE-2021-27190 NOMISEC MEDIUM WRITEUP
Peel Shopping - XSS
A Stored Cross Site Scripting(XSS) Vulnerability was discovered in PEEL SHOPPING 9.3.0 and 9.4.0, which are publicly available. The user supplied input containing polyglot payload is echoed back in javascript code in HTML response. This allows an attacker to input malicious JavaScript which can steal cookie, redirect them to other malicious website, etc.
3 stars
CVSS 5.4
CVE-2021-47897 EXPLOITDB HIGH text WORKING POC
PEEL Shopping 9.3.0 - XSS
PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the address parameter of the change_params.php script. Attackers can inject malicious JavaScript payloads that execute when users interact with the address text box, potentially enabling client-side script execution.
CVSS 7.2
CVE-2021-47892 EXPLOITDB HIGH text WORKING POC
PEEL Shopping 9.3.0 - XSS
PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the 'Comments / Special Instructions' parameter of the purchase page. Attackers can inject malicious JavaScript payloads that will execute when the page is refreshed, potentially allowing client-side script execution.
CVSS 7.2
EIP-2026-113045 EXPLOITDB text WORKING POC
Vehicle Parking Tracker System 1.0 - 'Owner Name' Stored Cross-Site Scripting