ugurkarakoc

4 exploits Active since Dec 2024
CVE-2024-55099 NOMISEC CRITICAL WORKING POC
phpgurukul Online Nurse Hiring System v1.0 - SQL Injection via Username Parameter
A SQL Injection vulnerability was found in /admin/index.php in phpgurukul Online Nurse Hiring System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access via the username parameter.
CVSS 9.8
CVE-2024-55100 WRITEUP MEDIUM WRITEUP
Online Nurse Hiring System v1.0 - Stored Cross-Site Scripting via Fullname Parameter
A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Online Nurse Hiring System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the fullname parameter.
CVSS 4.8
CVE-2024-55103 WRITEUP HIGH WRITEUP
Online Nurse Hiring System v1.0 - SQL Injection via Fullname Parameter
Online Nurse Hiring System v1.0 was discovered to contain a SQL injection vulnerability in the component /admin/profile.php via the fullname parameter.
CVSS 7.2
CVE-2024-55104 WRITEUP HIGH WORKING POC
Online Nurse Hiring System v1.0 - SQL Injection via Gender and Email Parameters
Online Nurse Hiring System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component /admin/add-nurse.php via the gender and emailid parameters.
CVSS 7.2