Описание
Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component.
Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-27744
- https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27744.md
- https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html
- http://mayurik.com
- http://www.w3.org/2000/svg
- http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd
Связанные уязвимости
CVSS3: 6.1
nvd
почти 2 года назад
Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component.