CVE-2025-0339

A vulnerability classified as problematic has been found in code-projects Online Bike Rental 1.0. Affected is an unknown function of the file /vehical-details.php of the component HTTP GET Request Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely.
References
Link Resource
https://code-projects.org/ Product
https://vuldb.com/?ctiid.290826 Permissions Required VDB Entry
https://vuldb.com/?id.290826 Third Party Advisory VDB Entry
https://vuldb.com/?submit.475731 Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:fabianros:online_bike_rental_system:1.0:*:*:*:*:*:*:*

History

03 Mar 2025, 16:25

Type Values Removed Values Added
CPE cpe:2.3:a:fabianros:online_bike_rental_system:1.0:*:*:*:*:*:*:*
First Time Fabianros online Bike Rental System
Fabianros
Summary
  • (es) Se ha encontrado una vulnerabilidad clasificada como problemática en code-projects Online Bike Rental 1.0. Se ve afectada una función desconocida del archivo /vehical-details.php del componente HTTP GET Request Handler. La manipulación conduce a cross site scripting. Es posible lanzar el ataque de forma remota.
References () https://code-projects.org/ - () https://code-projects.org/ - Product
References () https://vuldb.com/?ctiid.290826 - () https://vuldb.com/?ctiid.290826 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.290826 - () https://vuldb.com/?id.290826 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.475731 - () https://vuldb.com/?submit.475731 - Exploit, Third Party Advisory, VDB Entry

09 Jan 2025, 07:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-01-09 07:15

Updated : 2025-03-03 16:25


NVD link : CVE-2025-0339

Mitre link : CVE-2025-0339

CVE.ORG link : CVE-2025-0339


JSON object : View

Products Affected

fabianros

  • online_bike_rental_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-94

Improper Control of Generation of Code ('Code Injection')