CVE-2024-0958

A vulnerability was found in CodeAstro Stock Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file /index.php of the component Add Category Handler. The manipulation of the argument Category Name/Category Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252203.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:swapnilsahu:stock_management_system:1.0:*:*:*:*:*:*:*

History

02 Feb 2024, 02:20

Type Values Removed Values Added
CPE cpe:2.3:a:swapnilsahu:stock_management_system:1.0:*:*:*:*:*:*:*
CWE CWE-79
First Time Swapnilsahu
Swapnilsahu stock Management System
References () https://drive.google.com/drive/folders/17JTwjuT09q7he_oXkMtZS5jyyXw8ZIgg?usp=sharing - () https://drive.google.com/drive/folders/17JTwjuT09q7he_oXkMtZS5jyyXw8ZIgg?usp=sharing - Exploit, Third Party Advisory
References () https://vuldb.com/?ctiid.252203 - () https://vuldb.com/?ctiid.252203 - Third Party Advisory
References () https://vuldb.com/?id.252203 - () https://vuldb.com/?id.252203 - Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

27 Jan 2024, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-27 06:15

Updated : 2024-05-17 02:35


NVD link : CVE-2024-0958

Mitre link : CVE-2024-0958

CVE.ORG link : CVE-2024-0958


JSON object : View

Products Affected

swapnilsahu

  • stock_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')