Minhajul Taivin

3 exploits Active since Nov 2025
CVE-2025-63892 NOMISEC MEDIUM WRITEUP
SourceCodester Student Grades Management System 1.0 - XSS
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroom.php of the component My Classrooms Management Page. This manipulation of the argument name/description causes stored cross site scripting.
CVSS 6.8
CVE-2025-63892 WRITEUP MEDIUM WRITEUP
SourceCodester Student Grades Management System 1.0 - XSS
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected is the function create_classroom of the file /classroom.php of the component My Classrooms Management Page. This manipulation of the argument name/description causes stored cross site scripting.
CVSS 6.8
CVE-2025-63883 WRITEUP MEDIUM WRITEUP
E-commerce v1.0 - XSS
A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 (Bhabishya-123/E-commerce). The site's client-side JavaScript reads attacker-controlled input (for example, values derived from the URL or page fragment) and inserts it into the DOM via unsafe sinks (innerHTML/insertAdjacentHTML/document.write) without proper sanitization or context-aware encoding. An attacker can craft a malicious URL that, when opened by a victim, causes arbitrary JavaScript to execute in the victim's browser under the electic-shop origin.
CVSS 5.4