Yash Mahajan

4 exploits Active since Oct 2021
CVE-2021-42224 EXPLOITDB CRITICAL text WORKING POC
IFSC Code Finder Project 1.0 - SQL Injection via searchifsccode Parameter
SQL Injection vulnerability exists in IFSC Code Finder Project 1.0 via the searchifsccode POST parameter in /search.php.
CVSS 9.8
CVE-2021-42223 EXPLOITDB MEDIUM text WORKING POC
Online DJ Booking Management System 1.0 - Cross-Site Scripting in view-booking-detail.php
Cross Site Scripting (XSS).vulnerability exists in Online DJ Booking Management System 1.0 in view-booking-detail.php.
CVSS 6.1
CVE-2021-42169 EXPLOITDB CRITICAL text WORKING POC
Simple Payroll System with Dynamic Tax Bracket - SQL Injection via Login Username Parameter
The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by: oretnom23 ) is vulnerable from remote SQL-Injection-Bypass-Authentication for the admin account. The parameter (username) from the login form is not protected correctly and there is no security and escaping from malicious payloads.
CVSS 9.8
EIP-2026-106098 EXPLOITDB text WORKING POC
Company's Recruitment Management System 1.0 - 'Multiple' SQL Injection (Unauthenticated)