CVE-2024-0345 | CodeAstro Vehicle Booking System 1.0 User Registration usr/usr-register.php Full_Name/Last_Name/Address cross site scripting

Inserito da Angelo Barbosa | Gen 9, 2024 | CVE

A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument Full_Name/Last_Name/Address with the input <script>alert(document.cookie)</script> leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-0345. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-0345 | CodeAstro Vehicle Booking System 1.0 User Registration usr/usr-register.php Full_Name/Last_Name/Address cross site scripting

Post correlati

CVE-2024-31741 | MiniCMS 1.11 cross site scripting (Issue 49)

CVE-2024-21153 | Oracle Process Manufacturing Product Development 12.2.13 Quality Management Specs improper authorization

CVE-2024-1820 | code-projects Crime Reporting System 1.0 inchargelogin.php email/password sql injection

CVE-2024-4003 | wpdevteam Essential Addons for Elementor Plugin up to 5.9.15 on WordPress eael_team_members_image_rounded cross site scripting