ashangp923

3 exploits Active since Apr 2017
CVE-2023-3971 NOMISEC HIGH WORKING POC
Redhat Ansible Automation Controller < 4.3.11 - Basic XSS
An HTML injection flaw was found in Controller in the user interface settings. This flaw allows an attacker to capture credentials by creating a custom login page by injecting HTML, resulting in a complete compromise.
CVSS 7.3
CVE-2018-10097 NOMISEC MEDIUM WORKING POC
Domain Trader 2.5.3 - XSS
XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_address parameter.
CVSS 6.1
CVE-2017-7410 NOMISEC CRITICAL WORKING POC
WebsiteBaker <2.10.0 - SQL Injection
Multiple SQL injection vulnerabilities in account/signup.php and account/signup2.php in WebsiteBaker 2.10.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) username, (2) display_name parameter.
CVSS 9.8