A vulnerability was found in SourceCodester Record Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file sort1.php. The manipulation of the argument position leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272077 was assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/netmanzhang/VUL/blob/main/Record-Management-System-11.md | Exploit |
https://vuldb.com/?ctiid.272077 | Permissions Required Third Party Advisory VDB Entry |
https://vuldb.com/?id.272077 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.377340 | Third Party Advisory VDB Entry |
https://github.com/netmanzhang/VUL/blob/main/Record-Management-System-11.md | Exploit |
https://vuldb.com/?ctiid.272077 | Permissions Required Third Party Advisory VDB Entry |
https://vuldb.com/?id.272077 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.377340 | Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 09:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/netmanzhang/VUL/blob/main/Record-Management-System-11.md - Exploit | |
References | () https://vuldb.com/?ctiid.272077 - Permissions Required, Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?id.272077 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.377340 - Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 3.5 |
21 Aug 2024, 17:38
Type | Values Removed | Values Added |
---|---|---|
First Time |
Jkev record Management System
Jkev |
|
References | () https://github.com/netmanzhang/VUL/blob/main/Record-Management-System-11.md - Exploit | |
References | () https://vuldb.com/?ctiid.272077 - Permissions Required, Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?id.272077 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.377340 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:jkev:record_management_system:1.0:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.1 |
22 Jul 2024, 13:00
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
21 Jul 2024, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-21 13:15
Updated : 2024-11-21 09:50
NVD link : CVE-2024-6954
Mitre link : CVE-2024-6954
CVE.ORG link : CVE-2024-6954
JSON object : View
Products Affected
jkev
- record_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')