whiteshark2k

3 exploits Active since Sep 2024
CVE-2024-46331 WRITEUP HIGH WRITEUP
ModStartCMS v8.8.0 - Open Redirect via Redirect Parameter
ModStartCMS v8.8.0 was discovered to contain an open redirect vulnerability in the redirect parameter at /admin/login. This vulnerability allows attackers to redirect users to an arbitrary website via a crafted URL.
CVSS 7.2
CVE-2024-46333 WRITEUP MEDIUM WRITEUP
Piwigo 14.5.0 - Authenticated Stored Cross-Site Scripting via Album Name Parameter
An authenticated cross-site scripting (XSS) vulnerability in Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Album Name parameter under the Add Album function.
CVSS 4.8
CVE-2024-48311 WRITEUP HIGH WRITEUP
Piwigo 14.5.0 - Cross-Site Request Forgery via Edit Album Function
Piwigo v14.5.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the Edit album function.
CVSS 8.8