Ivan Spiridonov (xbz0n) - Security Researcher - Exploit Intelligence Platform

CVE-2024-32136 NOMISEC HIGH WRITEUP

Xenioushk BWL Advanced FAQ Mgr <2.0.3 - SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3.

3 stars

CVSS 7.6

View Code

CVE-2024-33911 NOMISEC HIGH WRITEUP

Weblizar School Management < 10.3.4 - SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4.

2 stars

CVSS 7.6

View Code

EIP-2026-105666 EXPLOITDB text WORKING POC

BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection

View Code