Search Results | AttackerKB

Show filters

Topics 3 Users 9,708

Clear All

Disclosure Date

Disclosure Year Disclosure Month

Collection Command and Control Credential Access Defense Evasion Discovery Execution Exfiltration Impact Initial Access Lateral Movement Persistence Privilege Escalation

3 Total Results

Displaying 1-3 of 3

Attacker Value

Very High

CVE-2021-43141

Disclosure Date: November 03, 2021 (last updated November 28, 2024)

Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in plan_application.

Attack Vector: Network Privileges: None User Interaction: Required

3

Attacker Value

Very High

CVE-2021-43140

Disclosure Date: November 03, 2021 (last updated November 28, 2024)

SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. via the login.

Attack Vector: Network Privileges: None User Interaction: None

2

Attacker Value

Unknown

CVE-2022-26283

Disclosure Date: March 21, 2022 (last updated October 07, 2023)

Simple Subscription Website v1.0 was discovered to contain a SQL injection vulnerability via the id parameter in the view_plan endpoint. This vulnerability allows attackers to dump the application's database via crafted HTTP requests.

Attack Vector: Network Privileges: None User Interaction: None

0