Описание
A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function save_pricing of the file admin_class.php. The manipulation of the argument name/ride results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:campcodes:park_ticketing_system:1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 11%
0.00038
Низкий
2.4 Low
CVSS3
4.8 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 2.4
github
около 1 месяца назад
A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function save_pricing of the file admin_class.php. The manipulation of the argument Name results in cross site scripting. The attack may be performed from remote. The exploit has been made public and could be used.
EPSS
Процентиль: 11%
0.00038
Низкий
2.4 Low
CVSS3
4.8 Medium
CVSS3
3.3 Low
CVSS2
Дефекты
CWE-79