Soham Bakore

4 exploits Active since Feb 2021
CVE-2021-26822 EXPLOITDB CRITICAL bash WORKING POC
Teachers Record Management System 1.0 - Unauthenticated SQL Injection via searchteacher Parameter
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.
CVSS 9.8
CVE-2020-22840 EXPLOITDB MEDIUM text WRITEUP
b2evolution CMS <6.11.6 - Open Redirect
Open redirect vulnerability in b2evolution CMS version prior to 6.11.6 allows an attacker to perform malicious open redirects to an attacker controlled resource via redirect_to parameter in email_passthrough.php.
CVSS 6.1
CVE-2020-22839 EXPLOITDB MEDIUM text WORKING POC
b2evolution CMS 6.11.6 - Reflected Cross-Site Scripting via evoadm.php tab3 Parameter
Reflected cross-site scripting vulnerability (XSS) in the evoadm.php file in b2evolution cms version 6.11.6-stable allows remote attackers to inject arbitrary webscript or HTML code via the tab3 parameter.
CVSS 6.1
CVE-2020-22841 EXPLOITDB MEDIUM text WRITEUP
b2evolution < 6.11.6 - Stored Cross-Site Scripting via Plugin Name Input Field
Stored XSS in b2evolution CMS version 6.11.6 and prior allows an attacker to perform malicious JavaScript code execution via the plugin name input field in the plugin module.
CVSS 4.8