Lucas Noki (0xPrototype)

5 exploits Active since May 2023
CVE-2023-29808 NOMISEC MEDIUM WRITEUP
companymaps 8.0 - Cross-Site Scripting
Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code.
4 stars
CVSS 6.1
CVE-2023-29809 NOMISEC CRITICAL WORKING POC
companymaps 8.0 - SQL Injection
SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.
1 stars
CVSS 9.8
CVE-2023-29983 NOMISEC MEDIUM WRITEUP
companymaps 8.0 - Stored Cross-Site Scripting in Admin Audit Log Tab
Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.
CVSS 5.4
CVE-2023-29809 EXPLOITDB CRITICAL text WORKING POC
companymaps 8.0 - SQL Injection
SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.
CVSS 9.8
CVE-2023-29983 EXPLOITDB MEDIUM text WORKING POC
companymaps 8.0 - Stored Cross-Site Scripting in Admin Audit Log Tab
Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.
CVSS 5.4