This repository contains descriptions and exploits for two security vulnerabilities:
-
CVE-2023-33580: Stored Cross-Site Scripting (XSS) in the Student Study Center Management System V1.0, allowing attackers to execute arbitrary JavaScript code.
-
CVE-2023-33584: SQL Injection (SQLI) in the Enrollment System Project V1.0, enabling attackers to bypass authentication and gain unauthorized access.
For each vulnerability, there is a detailed description, exploit author, vendor homepage, software link, and steps to reproduce the exploit.