Fr1t0viski - Security Researcher - Exploit Intelligence Platform

CVE-2025-26163 WRITEUP CRITICAL WORKING POC

CM Soluces Informatica Ltda Auto Atendimento 1.x.x - SQL Injection via CPF Parameter

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the CPF parameter.

CVSS 9.8

View Code

CVE-2025-30022 WRITEUP MEDIUM WORKING POC

CM Soluces Informatica Ltda Auto Atendimento <1.x.x - SQL Injection

CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the DATANASC parameter.

CVSS 6.8

View Code

CVE-2025-5084 WRITEUP MEDIUM WORKING POC

Post Grid Master < 3.4.13 - Unauthenticated Reflected Cross-Site Scripting via read_more_text Parameter

The Post Grid Master plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘argsArray['read_more_text']’ parameter in all versions up to, and including, 3.4.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVSS 6.1

View Code