Ashkan Moghaddas - Security Researcher - Exploit Intelligence Platform

CVE-2022-50896 EXPLOITDB MEDIUM text WORKING POC

Testa 3.5.1 - XSS

Testa 3.5.1 contains a reflected cross-site scripting vulnerability in the login.php redirect parameter that allows attackers to inject malicious scripts. Attackers can craft a specially encoded payload in the redirect parameter to execute arbitrary JavaScript in victim's browser context.

CVSS 6.1

View Code

CVE-2021-47902 EXPLOITDB HIGH text WORKING POC

Testa Online Test Management System <3.4.7 - SQL Injection

Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user or system data.

CVSS 8.2

View Code

EIP-2026-114232 EXPLOITDB text WORKING POC

WordPress Plugin WP Sitemap Page 1.6.2 - Persistent Cross-Site Scripting

View Code