A vulnerability classified as problematic was found in SourceCodester Resort Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file manage_fee.php. The manipulation of the argument toview leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Resort-Reservation-system-XSS.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.277777 | Permissions Required |
https://vuldb.com/?id.277777 | Permissions Required |
https://vuldb.com/?submit.409586 | Third Party Advisory |
https://www.sourcecodester.com/ | Product |
Configurations
History
23 Sep 2024, 18:12
Type | Values Removed | Values Added |
---|---|---|
First Time |
Oretnom23 resort Reservation System
Oretnom23 |
|
CPE | cpe:2.3:a:oretnom23:resort_reservation_system:1.0:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.1 |
References | () https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Resort-Reservation-system-XSS.md - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.277777 - Permissions Required | |
References | () https://vuldb.com/?id.277777 - Permissions Required | |
References | () https://vuldb.com/?submit.409586 - Third Party Advisory | |
References | () https://www.sourcecodester.com/ - Product |
20 Sep 2024, 12:30
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
17 Sep 2024, 20:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-17 20:15
Updated : 2024-09-23 18:12
NVD link : CVE-2024-8951
Mitre link : CVE-2024-8951
CVE.ORG link : CVE-2024-8951
JSON object : View
Products Affected
oretnom23
- resort_reservation_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')