AslamMahi/CVE-Aslam-Mahi

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-45932 ↗	Oct 7, 2024Monday, 7 October 2024, 16:15	4.8 MEDIUM	—
Krayin CRM v1.3.0 is vulnerable to Cross Site Scripting (XSS) via the organization name field in /admin/contacts/organizations/edit/2.
CVE-2024-45933 ↗	Oct 7, 2024Monday, 7 October 2024, 15:15	6.6 MEDIUM	—
OnlineNewsSite v1.0 is vulnerable to Cross Site Scripting (XSS) which allows attackers to execute arbitrary code via the Title and summary fields in the /admin/post/edit/ endpoint.
CVE-2024-44727 ↗	Sep 5, 2024Thursday, 5 September 2024, 17:15	9.8 CRITICAL	—
Sourcecodehero Event Management System1.0 is vulnerable to SQL Injection via the parameter 'username' in /event/admin/login.php.
CVE-2024-44728 ↗	Sep 5, 2024Thursday, 5 September 2024, 17:15	6.1 MEDIUM	—
Sourcecodehero Event Management System 1.0 allows Stored Cross-Site Scripting via parameters Full Name, Address, Email, and contact# in /clientdetails/admin/regester.php.