Kshitij Rewandkar

2 exploits Active since Oct 2022

CVE-2022-3503 WRITEUP LOW WRITEUP

SourceCodester Purchase Order Management System 1.0 - XSS

A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Name/Address/Contact person/Contact leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210832.

CVSS 3.5

View Code

CVE-2022-3579 WRITEUP MEDIUM WRITEUP

SourceCodester Cashier Queuing System 1.0 - SQL Injection

A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0. This vulnerability affects unknown code of the file /queuing/login.php of the component Login Page. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-211186 is the identifier assigned to this vulnerability.

CVSS 6.3

View Code