Himanshu Shukla

4 exploits Active since Feb 2021
CVE-2024-33485 EXPLOITDB CRITICAL python WORKING POC
CASAP Automated Enrollment System <V1.0 - SQL Injection
SQL Injection vulnerability in CASAP Automated Enrollment System using PHP/MySQLi with Source Code V1.0 allows a remote attacker to obtain sensitive information via a crafted payload to the login.php component
CVSS 9.8
CVE-2021-26201 EXPLOITDB CRITICAL python WORKING POC
CASAP Automated Enrollment System 1.0 - SQL Injection Authentication Bypass via Login Username Field
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.
CVSS 9.8
CVE-2021-26200 EXPLOITDB CRITICAL python WORKING POC
Library System 1.0 - SQL Injection
The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.
CVSS 9.8
CVE-2021-3239 EXPLOITDB CRITICAL python WORKING POC
E-Learning System 1.0 - SQL Injection
E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell.
CVSS 9.8