A vulnerability classified as problematic was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=orders/view_order. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221635.
References
Link | Resource |
---|---|
https://github.com/1MurasaKi/Eyewear_Shop_XSS/blob/main/README.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.221635 | Permissions Required |
https://vuldb.com/?id.221635 | Permissions Required |
Configurations
History
07 Sep 2024, 12:56
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oretnom23 online Eyewear Shop
Oretnom23 |
|
CPE | cpe:2.3:a:oretnom23:online_eyewear_shop:1.0:*:*:*:*:*:*:* |
Information
Published : 2023-02-22 20:15
Updated : 2024-09-07 12:56
NVD link : CVE-2023-0966
Mitre link : CVE-2023-0966
CVE.ORG link : CVE-2023-0966
JSON object : View
Products Affected
oretnom23
- online_eyewear_shop
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')