CVE-2024-0467 | code-projects Employee Profile Management System 1.0 edit_position_query.php pos_name cross site scripting

Inserito da Angelo Barbosa | Gen 12, 2024 | CVE

A vulnerability, which was classified as problematic, was found in code-projects Employee Profile Management System 1.0. Affected is an unknown function of the file edit_position_query.php. The manipulation of the argument pos_name leads to cross site scripting.

This vulnerability is traded as CVE-2024-0467. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0467 | code-projects Employee Profile Management System 1.0 edit_position_query.php pos_name cross site scripting

Post correlati

CVE-2024-7870 | PixelYourSite Plugin/PixelYourSite Pro Plugin on WordPress improper authentication

CVE-2022-48685 | Logpoint up to 7.1.1 clean_secbi_old_logs Local Privilege Escalation

CVE-2024-43820 | Linux Kernel up to 6.10.2 drivers/md/dm-raid.c information disclosure (a5c15a78c0e1/3199a34bfaf7)

CVE-2024-44256 | Apple macOS up to 13.6/14.6 sandbox