Dimitris Chatzidimitris

18 exploits Active since Nov 2024
CVE-2024-10701 WRITEUP LOW WRITEUP
PHPGurukul Car Rental Portal 1.0 - Cross-Site Scripting via search.php searchdata Parameter
A vulnerability was found in PHPGurukul Car Rental Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /search.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10743 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in editable_ajax.php
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been classified as problematic. Affected is an unknown function of the file /shopping/admin/assets/plugins/DataTables/examples/examples_support/editable_ajax.php. The manipulation of the argument value leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10744 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting via complex_header_2.php Scripts Argument
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/complex_header_2.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10745 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in deferred_table.php
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/deferred_table.php. The manipulation of the argument scripts leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10746 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in dom_data.php
A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. This affects an unknown part of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data.php. The manipulation of the argument scripts leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10747 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in dom_data_th.php
A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_th.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10748 WRITEUP LOW WRITEUP
Cosmote Greece What's Up App 4.47.3 - Info Disclosure
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up App 4.47.3 on Android. This issue affects some unknown processing of the file gr/desquared/kmmsharedmodule/db/RealmDB.java of the component Realm Database Handler. The manipulation of the argument defaultRealmKey leads to use of default cryptographic key. Local access is required to approach this attack. The complexity of an attack is rather high. The exploitation is known to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 2.5
CVE-2024-10753 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in dom_data_two_headers.php
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_two_headers.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10754 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in dymanic_table.php
A vulnerability was found in PHPGurukul Online Shopping Portal 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dymanic_table.php. The manipulation of the argument scripts leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10755 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in empty_table.php
A vulnerability classified as problematic has been found in PHPGurukul Online Shopping Portal 2.0. Affected is an unknown function of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/empty_table.php. The manipulation of the argument scripts leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10756 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting via html_table.php Scripts Argument
A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. Affected by this vulnerability is an unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/html_table.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10757 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting via js_data.php Scripts Parameter
A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Shopping Portal 2.0. Affected by this issue is some unknown functionality of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/js_data.php. The manipulation of the argument scripts leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10768 WRITEUP LOW WRITEUP
PHPGurukul Online Shopping Portal 2.0 - Cross-Site Scripting in two_tables.php
A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/two_tables.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 3.5
CVE-2024-10806 WRITEUP LOW WRITEUP
Hospital Management System 4.0 - Cross-Site Scripting via betweendates-detailsreports.php fromdate/todate Parameters
A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as problematic. This vulnerability affects unknown code of the file betweendates-detailsreports.php. The manipulation of the argument fromdate/todate leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS 2.4
CVE-2024-10927 WRITEUP LOW WRITEUP
monocms < 2024-05-28 - Cross-Site Scripting via account.php userid Parameter
A vulnerability was found in MonoCMS up to 20240528. It has been classified as problematic. Affected is an unknown function of the file /monofiles/account.php of the component Account Information Page. The manipulation of the argument userid leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.5
CVE-2024-10928 WRITEUP LOW WRITEUP
monocms < 2024-05-28 - Cross-Site Scripting via filtcategory/filtstatus Parameter in opensaved.php
A vulnerability was found in MonoCMS up to 20240528. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /monofiles/opensaved.php of the component Posts Page. The manipulation of the argument filtcategory/filtstatus leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.5
CVE-2024-11026 WRITEUP LOW WRITEUP
Freenow App 12.10.0 - Use of Hard-coded Password in Keystore Handler
A vulnerability was found in Intelligent Apps Freenow App 12.10.0 on Android. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ch/qos/logback/core/net/ssl/SSL.java of the component Keystore Handler. The manipulation of the argument DEFAULT_KEYSTORE_PASSWORD with the input changeit leads to use of hard-coded password. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.7
CVE-2025-2220 WRITEUP LOW WRITEUP
Odyssey CMS <10.34 - Info Disclosure
A vulnerability was found in Odyssey CMS up to 10.34. It has been classified as problematic. Affected is an unknown function of the file /modules/odyssey_contact_form/odyssey_contact_form.php of the component reCAPTCHA Handler. The manipulation of the argument g-recaptcha-response leads to key management error. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.3