Soundar M

4 exploits Active since Sep 2023
CVE-2023-44061 NOMISEC HIGH WRITEUP
Simple and Nice Shopping Cart Script <1.0 - RCE
File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component.
CVSS 8.8
CVE-2023-45540 NOMISEC MEDIUM WORKING POC
Jorani Leave Management System 1.0.3 - Stored Cross-Site Scripting via Leave Request Comment Field
An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page.
CVSS 6.5
CVE-2023-41575 WRITEUP MEDIUM WRITEUP
Blood Bank & Donor Management v2.2 - XSS
Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters.
CVSS 5.4
CVE-2023-45540 WRITEUP MEDIUM WRITEUP
Jorani Leave Management System 1.0.3 - Stored Cross-Site Scripting via Leave Request Comment Field
An issue in Jorani Leave Management System 1.0.3 allows a remote attacker to execute arbitrary HTML code via a crafted script to the comment field of the List of Leave requests page.
CVSS 6.5