M Lohith

7 exploits Active since Dec 2021
CVE-2021-41962 NOMISEC MEDIUM WRITEUP
Sourcecodester Vehicle Service Management System 1.0 - Stored Cross-Site Scripting via Owner Fullname Parameter
Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Owner fullname parameter in a Send Service Request in vehicle_service.
CVSS 4.8
CVE-2023-27776 WRITEUP MEDIUM WRITEUP
Online Jewelry Shop v1.0 - Stored Cross-Site Scripting via Category Name Parameter
A stored cross-site scripting (XSS) vulnerability in /index.php?page=category_list of Online Jewelry Shop v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter.
CVSS 5.4
CVE-2021-45865 WRITEUP CRITICAL WRITEUP
Sourcecodester Student Attendance Management System 1.0 - Unrestricted File Upload
A File Upload vulnerability exists in Sourcecodester Student Attendance Manageent System 1.0 via the file upload functionality.
CVSS 9.8
CVE-2021-45866 WRITEUP MEDIUM WRITEUP
Sourcecodester Student Attendance Management System 1.0 - XSS
A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Student Attendance Management System 1.0 via the couse filed in index.php.
CVSS 5.4
CVE-2022-25016 WRITEUP CRITICAL WRITEUP
Home Owners Collection Management System v1.0 - Arbitrary File Upload via Student Attendance Component
Home Owners Collection Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /student_attendance/index.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVSS 9.8
CVE-2023-27776 WRITEUP MEDIUM WRITEUP
Online Jewelry Shop v1.0 - Stored Cross-Site Scripting via Category Name Parameter
A stored cross-site scripting (XSS) vulnerability in /index.php?page=category_list of Online Jewelry Shop v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Category Name parameter.
CVSS 5.4
CVE-2023-27777 WRITEUP MEDIUM WRITEUP
Online Jewelry Shop 1.0 - Cross-Site Scripting via Crafted URL
Cross-site scripting (XSS) vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL.
CVSS 5.4