Oscar Gutierrez (m4xp0w3r)

CVE-2021-47779 EXPLOITDB MEDIUM text WORKING POC

Dolibarr ERP-CRM 14.0.2 - XSS

Dolibarr ERP-CRM 14.0.2 contains a stored cross-site scripting vulnerability in the ticket creation module that allows low-privilege users to inject malicious scripts. Attackers can craft a specially designed ticket message with embedded JavaScript that triggers when an administrator copies the text, potentially enabling privilege escalation.

CVSS 5.4

View Code

EIP-2026-111546 EXPLOITDB text WORKING POC

Projeqtor v9.3.1 - Stored Cross Site Scripting (XSS)

View Code