Parshwa Bhavsar

3 exploits Active since Jan 2021
CVE-2020-37237 EXPLOITDB MEDIUM text WRITEUP
Composr CMS 10.0.34 Persistent Cross-Site Scripting via banners
Composr CMS 10.0.34 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious scripts through the banner management interface. Attackers with admin credentials can inject XSS payloads in the Description field of the Add banner functionality, which execute for all website visitors when they access the home page.
CVSS 6.4
CVE-2020-35309 EXPLOITDB MEDIUM text WORKING POC
Bakeshop Online Ordering System 1.0 - Stored Cross-Site Scripting in Admin Dashboard Categories
Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross-site scripting (XSS) which allows remote attackers to inject an arbitrary web script or HTML in admin dashboard - "Categories".
CVSS 4.8
EIP-2026-104367 EXPLOITDB text WRITEUP
Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting