A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-232711.
References
Link | Resource |
---|---|
https://simplephpscripts.com/guestbook-script-php/guestbook/preview.php | Not Applicable |
https://vuldb.com/?ctiid.232711 | Permissions Required Third Party Advisory |
https://vuldb.com/?id.232711 | Third Party Advisory |
Configurations
History
07 Jul 2023, 18:45
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:simplephpscripts:classified_ads_script_php:1.8:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
References | (MISC) https://vuldb.com/?id.232711 - Third Party Advisory | |
References | (MISC) https://simplephpscripts.com/guestbook-script-php/guestbook/preview.php - Not Applicable | |
References | (MISC) https://vuldb.com/?ctiid.232711 - Permissions Required, Third Party Advisory |
29 Jun 2023, 23:57
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-06-29 21:15
Updated : 2024-05-17 02:27
NVD link : CVE-2023-3465
Mitre link : CVE-2023-3465
CVE.ORG link : CVE-2023-3465
JSON object : View
Products Affected
simplephpscripts
- classified_ads_script_php
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')