Fatih Tüzün

3 exploits Active since Jan 2025
CVE-2024-57326 WRITEUP MEDIUM WRITEUP
Online Pizza Delivery System 1.0 - Reflected Cross-Site Scripting via Search Parameter
A Reflected Cross-Site Scripting (XSS) vulnerability exists in the search.php file of the Online Pizza Delivery System 1.0. The vulnerability allows an attacker to execute arbitrary JavaScript code in the browser via unsanitized input passed through the search parameter.
CVSS 6.1
CVE-2024-57328 WRITEUP CRITICAL WRITEUP
Online Food Ordering System 1.0 - SQL Injection via Login Form
A SQL Injection vulnerability exists in the login form of Online Food Ordering System v1.0. The vulnerability arises because the input fields username and password are not properly sanitized, allowing attackers to inject malicious SQL queries to bypass authentication and gain unauthorized access.
CVSS 9.8
CVE-2024-57329 WRITEUP MEDIUM WRITEUP
HortusFox 3.9 - Stored Cross-Site Scripting in Add Plant Name Input
HortusFox v3.9 contains a stored XSS vulnerability in the "Add Plant" function. The name input field does not sanitize or escape user inputs, allowing attackers to inject and execute arbitrary JavaScript payloads.
CVSS 5.4