Phamchie

3 exploits Active since Dec 2022
CVE-2023-3047 NOMISEC CRITICAL WRITEUP
TMT Lockcell <15 - SQL Injection
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TMT Lockcell allows SQL Injection.This issue affects Lockcell: before 15.
4 stars
CVSS 9.8
CVE-2022-4611 NOMISEC MEDIUM WORKING POC
Click Studios Passwordstate - Hard-Coded Credentials
A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. This affects an unknown part. The manipulation leads to hard-coded credentials. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. The identifier VDB-216273 was assigned to this vulnerability.
2 stars
CVSS 4.3
CVE-2023-37786 NOMISEC MEDIUM WORKING POC
Geeklog - XSS
Multiple cross-site scripting (XSS) vulnerabilities in Geeklog v2.2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Mail Settings[backend], Mail Settings[host], Mail Settings[port] and Mail Settings[auth] parameters of the /admin/configuration.php.
1 stars
CVSS 4.8