saitamang

10 exploits Active since Jun 2021
CVE-2021-35475 NOMISEC MEDIUM WRITEUP
SAS Environment Manager 2.5 - Stored Cross-Site Scripting via Server Name Field
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties.
CVSS 5.4
CVE-2022-50947 EXPLOITDB MEDIUM text WORKING POC
WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS
WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the post_title parameter. Attackers with editor privileges can inject JavaScript payloads through the testimonial title field that execute in the browsers of users viewing the draft post, enabling cookie theft and session hijacking.
CVSS 6.4
CVE-2022-50946 EXPLOITDB MEDIUM text WORKING POC
WordPress Plugin Netroics Blog Posts Grid 1.0 Stored XSS
WordPress Plugin Netroics Blog Posts Grid 1.0 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the post_title parameter. Attackers with editor privileges can inject script payloads through the testimonial title field that execute in the browsers of other users viewing the draft post, enabling cookie theft and session hijacking.
CVSS 6.4
CVE-2021-35475 WRITEUP MEDIUM WRITEUP
SAS Environment Manager 2.5 - Stored Cross-Site Scripting via Server Name Field
SAS Environment Manager 2.5 allows XSS through the Name field when creating/editing a server. The XSS will prompt when editing the Configuration Properties.
CVSS 5.4
CVE-2022-36194 WRITEUP MEDIUM WRITEUP
Centreon 22.04.0 - Stored Cross-Site Scripting via Broker Configuration Name Parameter
Centreon 22.04.0 is vulnerable to Cross Site Scripting (XSS) from the function Pollers > Broker Configuration by adding a crafted payload into the name parameter.
CVSS 5.4
CVE-2022-36667 WRITEUP HIGH WRITEUP
Garage Management System 1.0 - Remote Code Execution via Unrestricted File Upload
Garage Management System 1.0 is vulnerable to the Remote Code Execution (RCE) due to the lack of filtering from the file upload function. The vulnerability exist during adding parts and from the upload function, the attacker can upload PHP Reverse Shell straight away to gain RCE.
CVSS 8.8
CVE-2022-36668 WRITEUP MEDIUM WRITEUP
Garage Management System 1.0 - Stored Cross-Site Scripting via Parts Parameters
Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. The vulnerabilities exist during creating or editing the parts under parameters. Using the XSS payload, the Stored XSS triggered and can be used for further attack vector.
CVSS 5.4
CVE-2022-36669 WRITEUP CRITICAL WORKING POC
Hospital Information System 1.0 - SQL Injection
Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
CVSS 9.8
CVE-2022-37137 WRITEUP MEDIUM WORKING POC
PayMoney 3.3 - Stored Cross-Site Scripting via Ticket Message Field
PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during replying the ticket. The XSS can be obtain from injecting under "Message" field with "description" parameter with the specially crafted payload to gain Stored XSS. The XSS then will prompt after that or can be access from the view ticket function.
CVSS 5.4
CVE-2022-37140 WRITEUP HIGH WORKING POC
PayMoney 3.3 - Client-Side Remote Code Execution via Malicious RTF File Upload
PayMoney 3.3 is vulnerable to Client Side Remote Code Execution (RCE). The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who download the file open the RTF file.
CVSS 8.0