h4md153v63n

3 exploits Active since Feb 2023
CVE-2022-40032 NOMISEC CRITICAL WRITEUP
Simple Task Managing System 1.0 - SQL Injection via login.php Username and Password Parameters
SQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.
5 stars
CVSS 9.8
CVE-2022-40347 NOMISEC CRITICAL WORKING POC
Intern Record System 1.0 - SQL Injection via Phone/Email/DeptType/Name Parameters
SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.
3 stars
CVSS 9.8
CVE-2022-40348 NOMISEC MEDIUM WRITEUP
Intern Record System 1.0 - Cross-Site Scripting via Name and Email Parameters
Cross Site Scripting (XSS) vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'name' and 'email' parameters, allows attackers to execute arbitrary code.
3 stars
CVSS 5.4