Ritesh Sahu

5 exploits Active since Aug 2023
CVE-2023-37068 NOMISEC CRITICAL WRITEUP
Sherlock Gym Management System - SQL Injection
Code-Projects Gym Management System V1.0 allows remote attackers to execute arbitrary SQL commands via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username and password fields, enabling SQL Injection attacks.
CVSS 9.8
CVE-2023-37069 WRITEUP CRITICAL WRITEUP
Online Hospital Management System - SQL Injection
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login process, enabling an attacker to inject malicious SQL code.
CVSS 9.8
CVE-2023-37069 WRITEUP CRITICAL WRITEUP
Online Hospital Management System - SQL Injection
Code-Projects Online Hospital Management System V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the login id and password fields during the login process, enabling an attacker to inject malicious SQL code.
CVSS 9.8
CVE-2023-37070 WRITEUP MEDIUM WRITEUP
Code-projects Hospital Information System - XSS
Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS)
CVSS 4.8
CVE-2023-37070 WRITEUP MEDIUM WRITEUP
Code-projects Hospital Information System - XSS
Code Projects Hospital Information System 1.0 is vulnerable to Cross Site Scripting (XSS)
CVSS 4.8