Sajibe Kanti

6 exploits, active since Jan 2018
CVE-2023-54349 EXPLOITDB MEDIUM text WORKING POC
AmazCart CMS 3.4 Reflected Cross-Site Scripting via Search
AmazCart CMS 3.4 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search functionality. Attackers can enter script tags in the search box to execute arbitrary JavaScript that fires when search history is viewed or results are displayed.
CVSS 6.1
CVE-2023-54348 EXPLOITDB HIGH text WORKING POC
ERPGo SaaS 3.9 CSV Injection via Vendor Creation
ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by injecting formula payloads into vendor name fields. Attackers can add malicious formulas like =10+20+cmd|' /C calc'!A0 in the vendor creation form, which execute when the exported CSV file is opened in spreadsheet applications.
CVSS 8.8
CVE-2018-6391 EXPLOITDB HIGH html WORKING POC
Netis-systems WF2419 Firmware - CSRF
A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Reservation List settings.
CVSS 8.8
CVE-2022-27412 EXPLOITDB CRITICAL text WORKING POC
Exploreit Explore Cms - SQL Injection
Explore CMS v1.0 was discovered to contain a SQL injection vulnerability via a /page.php?id= request.
CVSS 9.8
EIP-2026-104150 EXPLOITDB text WORKING POC
Active eCommerce CMS 6.5.0 - Stored Cross-Site Scripting (XSS)
CVE-2018-6190 EXPLOITDB MEDIUM text WRITEUP
Netis WF2419 V3.2.41381 - XSS
Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.
CVSS 5.4