CVE-2024-7814 | CodeAstro Online Railway Reservation System 1.0 Add Employee Page admin-add-employee.php emp_fname /emp_lname /emp_nat_idno/emp_addr cross site scripting

Inserito da Angelo Barbosa | Ago 14, 2024 | CVE

A vulnerability, which was classified as problematic, was found in CodeAstro Online Railway Reservation System 1.0. Affected is an unknown function of the file /admin/admin-add-employee.php of the component Add Employee Page. The manipulation of the argument emp_fname /emp_lname /emp_nat_idno/emp_addr leads to cross site scripting.

This vulnerability is traded as CVE-2024-7814. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-7814 | CodeAstro Online Railway Reservation System 1.0 Add Employee Page admin-add-employee.php emp_fname /emp_lname /emp_nat_idno/emp_addr cross site scripting

Post correlati

CVE-2024-45690 | Moodle oauth2 resource injection

CVE-2023-38290 | Sharp Rouvo V access control

CVE-2024-4597 | GitLab Enterprise Edition up to 16.9.6/16.10.4/16.11.1 cross-site request forgery (Issue 438686)

CVE-2024-1464 | Livemesh Elementor Addons Plugin up to 8.3.4 on WordPress Posts Slider Widget cross site scripting