Описание
Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user endpoint.
Ссылки
- ExploitMitigationThird Party Advisory
- Product
- Product
- ExploitMitigationThird Party Advisory
- Product
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:oretnom23:service_provider_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 74%
0.0084
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
больше 2 лет назад
Cross Site Scripting vulnerability in Service Provider Management System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the firstname, middlename and lastname parameters in the /php-spms/admin/?page=user endpoint.
EPSS
Процентиль: 74%
0.0084
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79