CVE-2024-10197

code-projects Pharmacy Management System Manage Supplier Page manage_supplier.php cross site scripting

CVSS 5.1 MEDIUMEPSS 0.4%CWE-79

Vexday Risk Score

13Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 5.1EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

21 oct 2024Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /manage_supplier.php of the component Manage Supplier Page. The manipulation of the argument address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Productos afectados

code-projects · Pharmacy Management System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://code-projects.org/https://gist.github.com/higordiego/bc051be4a8c6b6641578cad533742aab https://vuldb.com/?ctiid.281022 https://vuldb.com/?id.281022 https://vuldb.com/?submit.426884