A vulnerability, which was classified as problematic, has been found in SourceCodester Complaints Report Management System 1.0. This issue affects some unknown processing of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272621 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://gist.github.com/topsky979/e8b6651dd46922157920c8ed2305efd5 | Exploit |
https://vuldb.com/?ctiid.272621 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.272621 | Permissions Required Third Party Advisory |
https://vuldb.com/?submit.380422 | Third Party Advisory |
https://gist.github.com/topsky979/e8b6651dd46922157920c8ed2305efd5 | Exploit |
https://vuldb.com/?ctiid.272621 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.272621 | Permissions Required Third Party Advisory |
https://vuldb.com/?submit.380422 | Third Party Advisory |
Configurations
History
21 Nov 2024, 09:51
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/topsky979/e8b6651dd46922157920c8ed2305efd5 - Exploit | |
References | () https://vuldb.com/?ctiid.272621 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?id.272621 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?submit.380422 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 3.5 |
12 Aug 2024, 14:36
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://gist.github.com/topsky979/e8b6651dd46922157920c8ed2305efd5 - Exploit | |
References | () https://vuldb.com/?ctiid.272621 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?id.272621 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?submit.380422 - Third Party Advisory | |
First Time |
Oretnom23
Oretnom23 complaints Report Management System |
|
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 5.4 |
CPE | cpe:2.3:a:oretnom23:complaints_report_management_system:1.0:*:*:*:*:*:*:* |
29 Jul 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-29 13:15
Updated : 2024-11-21 09:51
NVD link : CVE-2024-7200
Mitre link : CVE-2024-7200
CVE.ORG link : CVE-2024-7200
JSON object : View
Products Affected
oretnom23
- complaints_report_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')