FULLSHADE

6 exploits Active since Jan 2020
CVE-2020-5183 EXPLOITDB HIGH text WRITEUP
FTPGetter Professional 5.97.0.223 - Denial of Service via Crafted String
FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a specially crafted string to the application. This memory corruption bug can possibly be classified as a NULL pointer dereference.
CVSS 7.5
CVE-2020-5511 EXPLOITDB HIGH text WORKING POC
PHPGurukul Small CRM v2.0 - Auth Bypass
PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when logging into the administrator login page.
CVSS 8.8
CVE-2020-5510 EXPLOITDB CRITICAL text WORKING POC
PHPGurukul Hostel Mgt Sys <2.0 - SQL Injection
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
CVSS 9.8
CVE-2020-5192 EXPLOITDB HIGH text WRITEUP
PHPGurukul Hospital Management System 4.0 - SQL Injection
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilities: multiple pages and parameters are not validating user input, and allow for the application's database and information to be fully compromised.
CVSS 8.8
CVE-2020-5191 EXPLOITDB MEDIUM text WORKING POC
PHPGurukul Hospital Management System 4.0 - Stored Cross-Site Scripting
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabilities.
CVSS 6.1
EIP-2026-106106 EXPLOITDB text WORKING POC
Complaint Management System 4.0 - 'cid' SQL injection