I’m just a guy who likes to study everything about cybersecurity and programming. My favorite hobby is researching random projects on the internet because I like to do code review. You can see all of my research bellow:
| CVE-2022-35174 | A stored cross-site scripting (XSS) vulnerability in Kirby’s Starterkit v3.7.0.2 |
| CVE-2022-40793 | Recruitment-Portal discovered a SQL injection vulnerability via the “eid” param in the student account. |
| CVE-2022-40794 | A stored cross-site scripting (XSS) vulnerability in Recruitment-Portal |
| CVE-2022-40795 | A stored cross-site scripting (XSS) vulnerability in Recruitment-Portal in the student account. |
| CVE-2022-38637 | Hospital Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities via the Username and Password parameters on the Login page. |
| CVE-2023-24614 | Stored HTML injection in BuddyPress Plugin – 11.0.0 |
| CVE-2023-0785 | Sourcecodester Best Online News Portal 1.0 Check_Availability.php Username Information Exposure. |
| CVE-2023-0784 | Sourcecodester Best Online News Portal 1.0 Login Page Username SQL Injection. |
| CVE-2023-0774 | Sourcecodester medical certificate generator app 1.0 action.php lastname SQL injection. |
| CVE-2023-0675 | Calendar Event Management System 2.3.0 Start/End SQL Injection. |
| CVE-2023-0663 | Calendar Event Management System 2.3.0 Login Page Name/Pwd SQL Injection. |
| CVE-2023-0918 | Unrestricted File Upload in Pharmacy Management System 1.0 |