xuanluansec

3 exploits Active since Apr 2024
CVE-2024-28556 WRITEUP CRITICAL WRITEUP
Mayurik Php Task Management System - SQL Injection
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.
CVSS 9.8
CVE-2024-28557 WRITEUP CRITICAL WRITEUP
Mayurik Php Task Management System - SQL Injection
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
CVSS 9.8
CVE-2024-28558 WRITEUP HIGH WRITEUP
Mayurik Petrol Pump Management - SQL Injection
SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin/app/web_crud.php.
CVSS 8.8