CVE-2024-10559

Опубликовано: 31 окт. 2024

Источник: nvd

CVSS3: 5.3

CVSS3: 7.8

CVSS2: 4.3

EPSS Низкий

Описание

A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function Details. The manipulation of the argument passport/name leads to buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Ссылки

https://github.com/CveSecLook/cve/issues/64
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.282560
Permissions Required
VDB Entry
https://vuldb.com/?id.282560
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.433262
Third Party Advisory
VDB Entry
https://www.sourcecodester.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:razormist:airport_booking_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 25%

0.00087

Низкий

5.3 Medium

CVSS3

7.8 High

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-ph76-mqg3-44g8

CVSS3: 5.3

github

больше 1 года назад

A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function details of the component Passport Number Handler. The manipulation leads to buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 25%

0.00087

Низкий

5.3 Medium

CVSS3

7.8 High

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-119