bigzooooz

16 exploits Active since May 2022
CVE-2022-30513 NOMISEC MEDIUM WORKING POC
School Dormitory Management System - XSS
School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125
2 stars
CVSS 6.1
CVE-2022-28078 NOMISEC MEDIUM WRITEUP
Home Owners Collection Management System - XSS
Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['page'] parameter.
2 stars
CVSS 6.1
CVE-2024-55060 NOMISEC MEDIUM WRITEUP
Rafed-system Rafed Cms Website - XSS
A cross-site scripting (XSS) vulnerability in the component index.php of Rafed CMS Website v1.44 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
1 stars
CVSS 6.1
CVE-2023-26692 NOMISEC MEDIUM WORKING POC
ZCBS/ZPBS/ZBBS 4.14k - XSS
ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper Image Bank Management System (ZBBS) 4.14k is vulnerable to Cross Site Scripting (XSS).
1 stars
CVSS 6.1
CVE-2022-31295 NOMISEC HIGH WORKING POC
Online Discussion Forum Site 1 - Info Disclosure
An issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.
1 stars
CVSS 7.5
CVE-2022-31296 NOMISEC CRITICAL WRITEUP
Online Discussion Forum Site 1 - SQL Injection
Online Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.
1 stars
CVSS 9.8
CVE-2022-31298 NOMISEC MEDIUM WRITEUP
Haraj v3.7 - XSS
A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.
1 stars
CVSS 5.4
CVE-2022-31299 NOMISEC MEDIUM WORKING POC
Haraj v3.7 - XSS
Haraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.
1 stars
CVSS 6.1
CVE-2022-31300 NOMISEC MEDIUM WRITEUP
Haraj <3.7 - XSS
A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.
1 stars
CVSS 5.4
CVE-2022-31301 NOMISEC MEDIUM WRITEUP
Haraj v3.7 - XSS
Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component.
1 stars
CVSS 5.4
CVE-2022-31294 NOMISEC MEDIUM WORKING POC
Online Discussion Forum Site 1 - Info Disclosure
An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.
1 stars
CVSS 6.5
CVE-2022-30512 NOMISEC CRITICAL WRITEUP
School Dormitory Management System - SQL Injection
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.php:31.
1 stars
CVSS 9.8
CVE-2022-30514 NOMISEC MEDIUM WORKING POC
School Dormitory Management System - XSS
School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126.
1 stars
CVSS 6.1
CVE-2022-30511 NOMISEC CRITICAL WRITEUP
School Dormitory Management System - SQL Injection
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:4.
1 stars
CVSS 9.8
CVE-2022-28077 NOMISEC MEDIUM WRITEUP
Home Owners Collection Management System - XSS
Home Owners Collection Management v1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the Admin panel via the $_GET['s'] parameter.
1 stars
CVSS 6.1
CVE-2022-30510 NOMISEC CRITICAL WRITEUP
School Dormitory Management System - SQL Injection
School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_report.php:59.
1 stars
CVSS 9.8