Sushant Kamble

3 exploits Active since Nov 2020
CVE-2020-28140 EXPLOITDB CRITICAL text WORKING POC
SourceCodester Online Clothing Store 1.0 - Arbitrary File Upload via Products.php Image Upload
SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php.
CVSS 9.8
CVE-2020-28139 EXPLOITDB MEDIUM text WORKING POC
SourceCodester Online Clothing Store 1.0 - Cross-Site Scripting via Offer Detail Field
SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting (XSS) vulnerability via a Offer Detail field in offer.php.
CVSS 6.1
CVE-2020-28138 EXPLOITDB CRITICAL text WORKING POC
SourceCodester Online Clothing Store 1.0 - SQL Injection via txtUserName Parameter
SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php.
CVSS 9.8