Arvind V.

3 exploits Active since Sep 2017
CVE-2017-13129 EXPLOITDB HIGH html WORKING POC
Zkteco Zktime Web - CSRF
Cross-site request forgery (CSRF) vulnerability in ZKTeco ZKTime Web 2.0.1.12280 allows remote authenticated users to hijack the authentication of administrators for requests that add administrators by leveraging lack of anti-CSRF tokens.
CVSS 8.0
CVE-2017-14680 EXPLOITDB HIGH text WRITEUP
ZKTeco ZKTime Web 2.0.1.12280 - Info Disclosure
ZKTeco ZKTime Web 2.0.1.12280 allows remote attackers to obtain sensitive employee metadata via a direct request for a PDF document.
CVSS 7.5
CVE-2018-7216 EXPLOITDB HIGH html WORKING POC
Tejari Bravo Solution - CSRF
Cross-site request forgery (CSRF) vulnerability in esop/toolkit/profile/regData.do in Bravo Tejari Procurement Portal allows remote authenticated users to hijack the authentication of application users for requests that modify their personal data by leveraging lack of anti-CSRF tokens.
CVSS 8.0