Описание
A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. The impacted element is an unknown function of the file admin-profile.php. Executing manipulation of the argument adminname/email can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Product
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:phpgurukul:curfew_e-pass_management_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 13%
0.00044
Низкий
2.4 Low
CVSS3
4.8 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 2.4
github
3 месяца назад
A flaw has been found in PHPGurukul Curfew e-Pass Management System 1.0. The impacted element is an unknown function of the file admin-profile.php. Executing manipulation of the argument adminname/email can lead to cross site scripting. The attack may be launched remotely. The exploit has been published and may be used.
EPSS
Процентиль: 13%
0.00044
Низкий
2.4 Low
CVSS3
4.8 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
CWE-79