blackm4c

CVE-2021-41805 NOMISEC HIGH WORKING POC

Hashicorp Consul < 1.8.17 - Incorrect Authorization

HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1.10.x before 1.10.4 has Incorrect Access Control. An ACL token (with the default operator:write permissions) in one namespace can be used for unintended privilege escalation in a different namespace.

1 stars

CVSS 8.8

View Code

CVE-2025-50695 WRITEUP MEDIUM WRITEUP

PHPGurukul Online DJ Booking Management System 2.0 - XSS

PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in /admin/view-booking-detail.php and /admin/invoice-generating.php.

CVSS 6.1

View Code

CVE-2025-50699 WRITEUP MEDIUM WRITEUP

PHPGurukul Online DJ Booking Management System 2.0 - XSS

PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cross Site Scripting (XSS) in odms/admin/view-user-queries.php.

CVSS 6.1

View Code