shubham-s-pandey - Security Researcher - Exploit Intelligence Platform

CVE-2024-27743 GITHUB MEDIUM WRITEUP

Petrol Pump MGMT Software v.1.0 - XSS

Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the Address parameter in the add_invoices.php component.

1 stars

CVSS 6.1

View Code

CVE-2024-27744 GITHUB MEDIUM WRITEUP

Petrol Pump Mangement Software v.1.0 - XSS

Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component.

1 stars

CVSS 6.1

View Code

CVE-2024-27746 GITHUB CRITICAL WRITEUP

Petrol Pump Mangement Software <1.0 - SQL Injection

SQL Injection vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email address parameter in the index.php component.

1 stars

CVSS 9.8

View Code

CVE-2024-27747 GITHUB CRITICAL WRITEUP

Petrol Pump Mangement Software <1.0 - RCE

File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component.

1 stars

CVSS 9.8

View Code

CVE-2024-28595 GITHUB CRITICAL WRITEUP

Walterjnr1 Employee Management System - SQL Injection

SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the admin_id parameter in update-admin.php.

1 stars

CVSS 9.8

View Code