Hamdi Sevben

30 exploits Active since Feb 2023
CVE-2023-7143 WRITEUP LOW WRITEUP
Fabian Client Details System - XSS
A vulnerability was found in code-projects Client Details System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/regester.php. The manipulation of the argument fname/lname/email/contact leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249146 is the identifier assigned to this vulnerability.
CVSS 2.4
CVE-2023-7149 WRITEUP LOW WRITEUP
Code-projects QR Code Generator - XSS
A vulnerability was found in code-projects QR Code Generator 1.0. It has been classified as problematic. This affects an unknown part of the file /download.php?file=author.png. The manipulation of the argument file with the input "><iMg src=N onerror=alert(document.domain)> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249153 was assigned to this vulnerability.
CVSS 3.5
CVE-2022-40032 EXPLOITDB CRITICAL text WORKING POC
Simple Task Managing System - SQL Injection
SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.
CVSS 9.8
CVE-2022-40347 EXPLOITDB CRITICAL text WORKING POC
Intern Record System - SQL Injection
SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.
CVSS 9.8
EIP-2026-105912 EXPLOITDB text WORKING POC
Client Details System 1.0 - SQL Injection