omershaik0/Handmade_Exploits

Releases0

Within Handmade_Exploits repo, you can expect to find a range of exploits that demonstrate my expertise in identifying and leveraging security weaknesses effectively. Each exploit uploaded to the repository is thoroughly tested and vetted, ensuring its functionality and reliability.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-36085 ↗	Oct 25, 2023Wednesday, 25 October 2023, 18:17	6.1 MEDIUM	—
The sisqualWFM 7.1.319.103 thru 7.1.319.111 for Android, has a host header injection vulnerability in its "/sisqualIdentityServer/core/" endpoint. By modifying the HTTP Host header, an attacker can change webpage links and even redirect users to arbitrary or malicious locations. This can lead to phishing attacks, malware distribution, and unauthorized access to sensitive resources.