Rezur0x7

4 exploits Active since Jul 2024
CVE-2024-37856 GITHUB MEDIUM NO CODE
Lost and Found Information System 1.0 - Cross-Site Scripting via User Profile Name Fields
Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the first, last, middle name fields in the User Profile page.
CVSS 5.4
CVE-2024-37857 GITHUB HIGH NO CODE
Lost and Found Information System 1.0 - SQL Injection via id Parameter
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via id parameter to php-lfis/admin/categories/view_category.php.
CVSS 8.8
CVE-2024-37858 GITHUB CRITICAL NO CODE
Lost and Found Information System 1.0 - SQL Injection via id Parameter
SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php.
CVSS 9.8
CVE-2024-37859 GITHUB MEDIUM NO CODE
Lost and Found Information System 1.0 - Cross-Site Scripting via Page Parameter
Cross Site Scripting vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the page parameter to php-lfis/admin/index.php.
CVSS 6.1