Majid kalantari

3 exploits Active since Apr 2026
CVE-2019-25697 EXPLOITDB HIGH text WORKING POC
CMSsite 1.0 SQL Injection via category.php
CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to category.php with malicious cat_id values to extract sensitive database information including usernames and credentials.
CVSS 8.2
EIP-2026-110181 EXPLOITDB text WORKING POC
Online shopping system advanced 1.0 - 'p' SQL Injection
EIP-2026-106035 EXPLOITDB text WORKING POC
CMSsite 1.0 - 'search' SQL Injection