h4md153v63n - Security Researcher - Exploit Intelligence Platform

CVE-2022-40032 NOMISEC CRITICAL WRITEUP

Simple Task Managing System - SQL Injection

SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.

5 stars

CVSS 9.8

View Code

CVE-2022-40347 NOMISEC CRITICAL WORKING POC

Intern Record System - SQL Injection

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.

3 stars

CVSS 9.8

View Code

CVE-2022-40348 NOMISEC MEDIUM WRITEUP

Intern Record System - XSS

Cross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'name' and 'email' parameters, allows attackers to execute arbitrary code.

3 stars

CVSS 5.4

View Code