CVE-2024-8566

A vulnerability classified as problematic was found in code-projects Online Shop Store 1.0. This vulnerability affects unknown code of the file /settings.php. The manipulation of the argument error leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:online_shop_store_project:online_shop_store:1.0:*:*:*:*:*:*:*

History

10 Sep 2024, 15:42

Type Values Removed Values Added
CVSS v2 : 5.0
v3 : 4.3
v2 : 5.0
v3 : 6.1
CPE cpe:2.3:a:online_shop_store_project:online_shop_store:1.0:*:*:*:*:*:*:*
References () https://code-projects.org/ - () https://code-projects.org/ - Product
References () https://drive.google.com/file/d/1MmShihcKuzB9Sw54asriKkRKvdUD8-Ag/view?usp=sharing - () https://drive.google.com/file/d/1MmShihcKuzB9Sw54asriKkRKvdUD8-Ag/view?usp=sharing - Permissions Required
References () https://vuldb.com/?ctiid.276796 - () https://vuldb.com/?ctiid.276796 - Permissions Required
References () https://vuldb.com/?id.276796 - () https://vuldb.com/?id.276796 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.403671 - () https://vuldb.com/?submit.403671 - Third Party Advisory, VDB Entry
First Time Online Shop Store Project online Shop Store
Online Shop Store Project

09 Sep 2024, 13:03

Type Values Removed Values Added
Summary
  • (es) Se ha encontrado una vulnerabilidad clasificada como problemática en code-projects Online Shop Store 1.0. Esta vulnerabilidad afecta al código desconocido del archivo /settings.php. La manipulación del argumento error provoca ataques de cross site scripting. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse.

08 Sep 2024, 00:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-08 00:15

Updated : 2024-09-10 15:42


NVD link : CVE-2024-8566

Mitre link : CVE-2024-8566

CVE.ORG link : CVE-2024-8566


JSON object : View

Products Affected

online_shop_store_project

  • online_shop_store
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')