Nishar Shah

3 exploits Active since Aug 2024
CVE-2024-42918 WRITEUP MEDIUM WRITEUP
itsourcecode Online Accreditation Management System - XSS
itsourcecode Online Accreditation Management System contains a Cross Site Scripting vulnerability, which allows an attacker to execute arbitrary code via a crafted payload to the SCHOOLNAME, EMAILADDRES, CONTACTNO, COMPANYNAME and COMPANYCONTACTNO parameters in controller.php.
CVSS 5.4
CVE-2024-46077 WRITEUP MEDIUM WRITEUP
Mayurik Online Tours And Travels Management System - XSS
itsourcecode Online Tours and Travels Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload to the val-username, val-email, val-suggestions, val-digits and state_name parameters in travellers.php.
CVSS 5.4
CVE-2024-46078 WRITEUP HIGH WRITEUP
Adonesevangelista Sports Management System - SQL Injection
itsourcecode Sports Management System Project 1.0 is vulnerable to SQL Injection in the function delete_category of the file sports_scheduling/player.php via the argument id.
CVSS 7.5