Goutham Madhwaraj

3 exploits Active since Jun 2019
CVE-2018-20470 EXPLOITDB HIGH text WORKING POC
Sahi Pro < 8.0.0 - Directory Traversal in Web Reports Module
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A directory traversal (arbitrary file access) vulnerability exists in the web reports module. This allows an outside attacker to view contents of sensitive files.
CVSS 7.5
CVE-2018-20472 EXPLOITDB MEDIUM text WORKING POC
Sahi Pro < 8.0.0 - Stored Cross-Site Scripting in Logs Web Interface
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS.
CVSS 5.4
CVE-2018-20469 EXPLOITDB CRITICAL text WORKING POC
Sahi Pro < 8.0.0 - SQL Injection via Web Reports Module Parameter
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. A parameter in the web reports module is vulnerable to h2 SQL injection. This can be exploited to inject SQL queries and run standard h2 system functions.
CVSS 9.8