A vulnerability has been found in SourceCodester File Manager App 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Add File Handler. The manipulation of the argument File Title/Uploaded By leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://docs.google.com/document/d/19jCrr48SwP9dkOAaf8HAgg0fxK7PjE4ZWbPSFU4zqKE/edit?usp=sharing | Exploit |
https://vuldb.com/?ctiid.274117 | Permissions Required VDB Entry |
https://vuldb.com/?id.274117 | Permissions Required Third Party Advisory VDB Entry |
https://vuldb.com/?submit.388434 | Third Party Advisory VDB Entry |
Configurations
History
22 Nov 2024, 14:59
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:remyandrade:file_manager_app:1.0:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 3.5 |
First Time |
Remyandrade
Remyandrade file Manager App |
15 Aug 2024, 17:50
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://docs.google.com/document/d/19jCrr48SwP9dkOAaf8HAgg0fxK7PjE4ZWbPSFU4zqKE/edit?usp=sharing - Exploit | |
References | () https://vuldb.com/?ctiid.274117 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.274117 - Permissions Required, Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.388434 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:rems:file_manager_app:1.0:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : 4.0
v3 : 6.1 |
First Time |
Rems file Manager App
Rems |
12 Aug 2024, 13:41
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-12 13:38
Updated : 2024-11-22 14:59
NVD link : CVE-2024-7660
Mitre link : CVE-2024-7660
CVE.ORG link : CVE-2024-7660
JSON object : View
Products Affected
remyandrade
- file_manager_app
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')