Sushant Kamble

3 exploits Active since Nov 2020
CVE-2020-28140 EXPLOITDB CRITICAL text WORKING POC
Online Clothing Store - Unrestricted File Upload
SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php.
CVSS 9.8
CVE-2020-28139 EXPLOITDB MEDIUM text WORKING POC
Online Clothing Store - XSS
SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting (XSS) vulnerability via a Offer Detail field in offer.php.
CVSS 6.1
CVE-2020-28138 EXPLOITDB CRITICAL text WORKING POC
Online Clothing Store - SQL Injection
SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php.
CVSS 9.8