Lucas Noki (0xPrototype) - Security Researcher - Exploit Intelligence Platform

CVE-2023-29808 NOMISEC MEDIUM WRITEUP

Companymaps - XSS

Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code.

4 stars

CVSS 6.1

View Code

CVE-2023-29809 NOMISEC CRITICAL WORKING POC

Companymaps - SQL Injection

SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.

1 stars

CVSS 9.8

View Code

CVE-2023-29983 NOMISEC MEDIUM WRITEUP

Companymaps - XSS

Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.

CVSS 5.4

View Code

CVE-2023-29809 EXPLOITDB CRITICAL text WORKING POC

Companymaps - SQL Injection

SQL injection vulnerability found in Maximilian Vogt companymaps (cmaps) v.8.0 allows a remote attacker to execute arbitrary code via a crafted script in the request.

CVSS 9.8

View Code

CVE-2023-29983 EXPLOITDB MEDIUM text WORKING POC

Companymaps - XSS

Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.

CVSS 5.4

View Code