CVE-2024-25202

Опубликовано: 28 фев. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar.

Ссылки

https://drive.google.com/file/d/1oMNcChsXPMP9pu9lIE2C11n8mzkmLhcY/view
Exploit
https://github.com/Agampreet-Singh/CVE-2024-25202
Exploit
Third Party Advisory
https://medium.com/%40agampreetsingh_93704/cve-2024-25202-discover-by-agampreet-singh-cyber-security-expert-ff8e32f5cf52
Exploit
Third Party Advisory
https://drive.google.com/file/d/1oMNcChsXPMP9pu9lIE2C11n8mzkmLhcY/view
Exploit
https://github.com/Agampreet-Singh/CVE-2024-25202
Exploit
Third Party Advisory
https://medium.com/%40agampreetsingh_93704/cve-2024-25202-discover-by-agampreet-singh-cyber-security-expert-ff8e32f5cf52
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:user_registration_\&_login_and_user_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04945

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-c8vm-3472-wwfq