CVE-2022-2814

A vulnerability has been found in SourceCodester Simple and Nice Shopping Cart Script and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /mkshope/login.php. The manipulation of the argument msg leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206401 was assigned to this vulnerability.
References
Link Resource
https://s1.ax1x.com/2022/08/13/vNcnHA.png Exploit Third Party Advisory
https://vuldb.com/?id.206401 Exploit Third Party Advisory VDB Entry
https://s1.ax1x.com/2022/08/13/vNcnHA.png Exploit Third Party Advisory
https://vuldb.com/?id.206401 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:simple_and_nice_shopping_cart_script_project:simple_and_nice_shopping_cart_script:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:01

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 6.1
v2 : unknown
v3 : 3.5
References () https://s1.ax1x.com/2022/08/13/vNcnHA.png - Exploit, Third Party Advisory () https://s1.ax1x.com/2022/08/13/vNcnHA.png - Exploit, Third Party Advisory
References () https://vuldb.com/?id.206401 - Exploit, Third Party Advisory, VDB Entry () https://vuldb.com/?id.206401 - Exploit, Third Party Advisory, VDB Entry

Information

Published : 2022-08-15 11:21

Updated : 2024-11-21 07:01


NVD link : CVE-2022-2814

Mitre link : CVE-2022-2814

CVE.ORG link : CVE-2022-2814


JSON object : View

Products Affected

simple_and_nice_shopping_cart_script_project

  • simple_and_nice_shopping_cart_script
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')