xuanluansec

3 exploits Active since Apr 2024
CVE-2024-28556 WRITEUP CRITICAL WRITEUP
php_task_management_system 1.0 - SQL Injection via admin-manage-user.php
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin-manage-user.php.
CVSS 9.8
CVE-2024-28557 WRITEUP CRITICAL WRITEUP
php_task_management_system 1.0 - SQL Injection via update-admin.php
SQL Injection vulnerability in Sourcecodester php task management system v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to update-admin.php.
CVSS 9.8
CVE-2024-28558 WRITEUP HIGH WRITEUP
Petrol Pump Management Software 1.0 - SQL Injection via admin/app/web_crud.php
SQL Injection vulnerability in sourcecodester Petrol pump management software v1.0, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via crafted payload to admin/app/web_crud.php.
CVSS 8.8