CVE-2024-2533

A vulnerability, which was classified as problematic, has been found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this issue is some unknown functionality of the file /admin/update-users.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256970 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Configurations

No configuration.

History

21 Mar 2024, 02:52

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad fue encontrada en MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 y clasificada como problemática. Una función desconocida del archivo /admin/update-users.php es afectada por esta vulnerabilidad. La manipulación del argumento id conduce a cross-site scripting. El ataque puede lanzarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse. VDB-256970 es el identificador asignado a esta vulnerabilidad. NOTA: Se contactó primeramente con el proveedor sobre esta divulgación, pero no respondió de ninguna manera.

16 Mar 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-03-16 23:15

Updated : 2024-05-17 02:38


NVD link : CVE-2024-2533

Mitre link : CVE-2024-2533

CVE.ORG link : CVE-2024-2533


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')