Mesut Cetin

15 exploits, active since Feb 2024
CVE-2021-47957 EXPLOITDB MEDIUM text WORKING POC
WordPress Plugin Cookie Law Bar 1.2.1 Stored XSS via clb_bar_msg
Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting unsanitized input to the Bar Message field. Attackers can inject script payloads through the plugin settings page that execute in the browsers of all WordPress users viewing the site, enabling cookie theft and sensitive data exfiltration.
CVSS 6.4
CVE-2023-46344 WRITEUP MEDIUM WRITEUP
Solar-Log Base 15 Firmware 6.0.1 Build 161 - XSS
A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks. NOTE: The vendor states that this vulnerability has been fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base.
CVSS 5.4
CVE-2023-53735 EXPLOITDB MEDIUM text WRITEUP
WEBIGniter 28.7.23 - Unauthenticated Cross-Site Scripting in User Creation Process
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks.
EIP-2026-114178 EXPLOITDB text WORKING POC
WordPress Plugin visitors-app 0.3 - 'user-agent' Stored Cross-Site Scripting (XSS)
EIP-2026-110114 EXPLOITDB text WORKING POC
Online Hotel Reservation System 1.0 - 'description' Stored Cross-site Scripting
EIP-2026-110115 EXPLOITDB text WORKING POC
Online Hotel Reservation System 1.0 - 'id' Time-based SQL Injection
EIP-2026-110117 EXPLOITDB text WORKING POC
Online Hotel Reservation System 1.0 - 'person' time-based SQL Injection
EIP-2026-110119 EXPLOITDB text WORKING POC
Online Hotel Reservation System 1.0 - Cross-site request forgery (CSRF)
EIP-2026-106419 EXPLOITDB text WORKING POC
Dental Clinic Appointment Reservation System 1.0 - Authentication Bypass (SQLi)
EIP-2026-106417 EXPLOITDB text WORKING POC
Dental Clinic Appointment Reservation System 1.0 - 'date' UNION based SQL Injection (Authenticated)
EIP-2026-105773 EXPLOITDB text WORKING POC
Cemetry Mapping and Information System 1.0 - Multiple SQL Injections
EIP-2026-105774 EXPLOITDB text WORKING POC
Cemetry Mapping and Information System 1.0 - Multiple Stored Cross-Site Scripting
EIP-2026-105453 EXPLOITDB python WORKING POC
Best POS Management System v1.0 - Unauthenticated Remote Code Execution
EIP-2026-104231 EXPLOITDB text WORKING POC
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Persistent Cross-Site Scripting
EIP-2026-102014 EXPLOITDB text WORKING POC
Solar-Log 200 PM+ 3.6.0 Build 99 - 15.10.2019 - Stored XSS