Moaaz Taha (0xStorm)

5 exploits Active since Jun 2021
CVE-2021-34249 EXPLOITDB HIGH text SCANNER
Online Book Store 1.0 - SQL Injection via ID Parameter
SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.
CVSS 7.5
CVE-2020-24862 EXPLOITDB HIGH text WORKING POC
Pharmacy Medical Store and Sale Point 1.0 - Time-Based Blind SQL Injection via catID Parameter
The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has been found to be vulnerable to a Time-Based blind SQL injection via the /medical/inventories.php path which allows attackers to retrieve all databases.
CVSS 7.5
CVE-2020-25905 EXPLOITDB CRITICAL text WORKING POC
Mobile Shop System 1.0 - SQL Injection via Email Parameter
An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php.
CVSS 9.8
CVE-2020-25362 EXPLOITDB HIGH text SCANNER
Online Shopping Alphaware 1.0 - SQL Injection via id Parameter in details.php
The id paramater in Online Shopping Alphaware 1.0 has been discovered to be vulnerable to an Error-Based blind SQL injection in the /alphaware/details.php path. This allows an attacker to retrieve all databases.
CVSS 7.5
EIP-2026-110175 EXPLOITDB text SCANNER
Online Shopping Alphaware 1.0 - Error Based SQL injection