A vulnerability was found in FastAdmin 1.5.0.20240328. It has been declared as problematic. This vulnerability affects unknown code of the file /[admins_url].php/general/attachment/edit/ids/4?dialog=1 of the component Attachment Management Section. The manipulation of the argument row[url]/row[imagewidth]/row[imageheight] leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273544.
References
Link | Resource |
---|---|
https://github.com/Hebing123/cve/issues/65 | Exploit Third Party Advisory |
https://github.com/Hebing123/cve/issues/66 | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.273544 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.273544 | Permissions Required Third Party Advisory |
https://vuldb.com/?submit.384320 | Third Party Advisory |
Configurations
History
20 Aug 2024, 15:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/Hebing123/cve/issues/65 - Exploit, Third Party Advisory | |
References | () https://github.com/Hebing123/cve/issues/66 - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.273544 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?id.273544 - Permissions Required, Third Party Advisory | |
References | () https://vuldb.com/?submit.384320 - Third Party Advisory | |
CPE | cpe:2.3:a:fastadmin:fastadmin:1.5.0.20240328:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 3.3
v3 : 4.8 |
First Time |
Fastadmin
Fastadmin fastadmin |
05 Aug 2024, 12:41
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Aug 2024, 05:16
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-04 05:16
Updated : 2024-08-20 15:50
NVD link : CVE-2024-7453
Mitre link : CVE-2024-7453
CVE.ORG link : CVE-2024-7453
JSON object : View
Products Affected
fastadmin
- fastadmin
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')