Emirhan Mutlu

4 exploits Active since Apr 2024
CVE-2024-31544 WRITEUP MEDIUM WRITEUP
Computer Laboratory Management System 1.0 - Stored XSS via Remarks/Borrower Name/Faculty Department
A stored cross-site scripting (XSS) vulnerability in Computer Laboratory Management System v1.0 allows attackers to execute arbitrary JavaScript code by including malicious payloads into “remarks”, “borrower_name”, “faculty_department” parameters in /classes/Master.php?f=save_record.
CVSS 5.4
CVE-2024-31545 WRITEUP CRITICAL WRITEUP
Computer Laboratory Management System 1.0 - SQL Injection via id Parameter
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6.
CVSS 9.4
CVE-2024-31546 WRITEUP CRITICAL WRITEUP
Computer Laboratory Management System 1.0 - SQL Injection via id Parameter
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php.
CVSS 9.8
CVE-2024-31547 WRITEUP CRITICAL WRITEUP
Computer Laboratory Management System 1.0 - SQL Injection via id Parameter
Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php.
CVSS 9.1