CVE-2021-25790

{"id": "CVE-2021-25790", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2021-07-23T18:15:08.150", "references": [{"url": "https://www.exploit-db.com/exploits/49352", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://www.sourcecodester.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://www.exploit-db.com/exploits/49352", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.sourcecodester.com", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.sourcecodester.com/php/14649/house-rental-and-property-listing-php-full-source-code.html", "tags": ["Product"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Multiple stored cross site scripting (XSS) vulnerabilities in the \"Register\" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de tipo cross site scripting (XSS) almacenadas en el m\u00f3dulo \"Register\" de House Rental and Property Listing versi\u00f3n 1.0, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de cargas \u00fatiles dise\u00f1adas en todos los campos de texto excepto en Phone Number y Alternate Phone Number"}], "lastModified": "2024-11-21T05:55:26.870", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:house_rental_and_property_listing_php_project:house_rental_and_property_listing_php:1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4D4CE6C-BC66-453C-9E74-19FAC6F25FA7"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}