exploitDog

CVE-2022-36254

Опубликовано: 12 сент. 2022

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".

Ссылки

https://gist.github.com/ziyishen97/c464b459df73c4cef241e7ec774b7cf6
Exploit
Third Party Advisory
https://github.com/tramyardg/hotel-mgmt-system
Product
Third Party Advisory
https://gist.github.com/ziyishen97/c464b459df73c4cef241e7ec774b7cf6
Exploit
Third Party Advisory
https://github.com/tramyardg/hotel-mgmt-system
Product
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:hotel_management_system_project:hotel_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00175

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-j82w-42mc-f78p

CVSS3: 5.4

github

больше 3 лет назад

Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".

EPSS

Процентиль: 39%

0.00175

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79