Ritesh Gohil

4 exploits Active since Jan 2021
CVE-2020-35852 WRITEUP MEDIUM WRITEUP
getgist chatbox - Stored Cross-Site Scripting via SVG/XML File Upload
Chatbox is affected by cross-site scripting (XSS). An attacker has to upload any XSS payload with SVG, XML file in Chatbox. There is no restriction on file upload in Chatbox which leads to stored XSS.
CVSS 6.1
CVE-2020-35853 EXPLOITDB MEDIUM text WRITEUP
4images 1.7.11 - Stored Cross-Site Scripting via Image URL
4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This vulnerability can result in an attacker to inject the XSS payload into the IMAGE URL. Each time a user visits that URL, the XSS triggers and the attacker can be able to steal the cookie according to the crafted payload.
CVSS 4.8
CVE-2020-35272 EXPLOITDB MEDIUM text WORKING POC
Employee Performance Evaluation System 1.0 - Stored Cross-Site Scripting in Admin Portal Task and Description Fields
Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting (XSS) in the Admin Portal in the Task and Description fields.
CVSS 4.8
CVE-2020-35270 EXPLOITDB CRITICAL text WRITEUP
Student Result Management System - SQL Injection
Student Result Management System In PHP With Source Code is affected by SQL injection. An attacker can able to access of Admin Panel and manage every account of Result.
CVSS 9.1