Soundar M - Security Researcher - Exploit Intelligence Platform

CVE-2023-44061 NOMISEC HIGH WRITEUP

Simple and Nice Shopping Cart Script <1.0 - RCE

File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component.

CVSS 8.8

View Code

CVE-2023-45540 NOMISEC MEDIUM WORKING POC

Jorani Leave Management System 1.0.3 - Stored Cross-Site Scripting via Leave Request Comment Field

An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page.

CVSS 6.5

View Code

CVE-2023-41575 WRITEUP MEDIUM WRITEUP

Blood Bank & Donor Management v2.2 - XSS

Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters.

CVSS 5.4

View Code

CVE-2023-45540 WRITEUP MEDIUM WRITEUP

Jorani Leave Management System 1.0.3 - Stored Cross-Site Scripting via Leave Request Comment Field

An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page.

CVSS 6.5

View Code