abbisQQ

3 exploits Active since Feb 2023
CVE-2023-24610 NOMISEC HIGH WORKING POC
NOSH 4a5cfdb - Authenticated Remote Code Execution via Practice Logo Upload
NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting.
3 stars
CVSS 8.8
CVE-2025-28355 NOMISEC MEDIUM WRITEUP
Volmarg Personal Management System 1.4.65 - Cross-Site Request Forgery via SameSite Cookie Attribute
Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none
CVSS 4.7
CVE-2025-28355 WRITEUP MEDIUM WRITEUP
Volmarg Personal Management System 1.4.65 - Cross-Site Request Forgery via SameSite Cookie Attribute
Volmarg Personal Management System 1.4.65 is vulnerable to Cross Site Request Forgery (CSRF) allowing attackers to execute arbitrary code and obtain sensitive information via the SameSite cookie attribute defaults value set to none
CVSS 4.7