sahildari

6 exploits Active since Mar 2024
CVE-2024-31061 WRITEUP MEDIUM WRITEUP
Munyweki Insurance Management System < 1.0 - XSS
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Last Name input field.
CVSS 6.1
CVE-2024-31062 WRITEUP MEDIUM WRITEUP
Munyweki Insurance Management System < 1.0 - Basic XSS
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Street input field.
CVSS 6.3
CVE-2024-31063 WRITEUP MEDIUM WRITEUP
Munyweki Insurance Management System < 1.0 - XSS
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the Email input field.
CVSS 6.4
CVE-2024-31064 WRITEUP MEDIUM WRITEUP
Munyweki Insurance Management System < 1.0 - XSS
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the First Name input field.
CVSS 6.1
CVE-2024-31065 WRITEUP MEDIUM WRITEUP
Munyweki Insurance Management System < 1.0 - XSS
Cross Site Scripting vulnerability in Insurance Mangement System v.1.0.0 and before allows a remote attacker to execute arbitrary code via the City input field.
CVSS 6.1
CVE-2024-31502 WRITEUP HIGH WRITEUP
Insurance Management System <1.0.0 - Privilege Escalation
An issue in Insurance Management System v.1.0.0 and before allows a remote attacker to escalate privileges via a crafted POST request to /admin/core/new_staff.
CVSS 8.1