CVE-2024-0726 | Project Worlds Student Project Allocation System 1.0 Admin Login Module admin_login.php msg cross site scripting

A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin_login.php of the component Admin Login Module. The manipulation of the argument msg with the input test%22%3Cscript%3Ealert(%27Torada%27)%3C/script%3E leads to cross site scripting.

The identification of this vulnerability is CVE-2024-0726. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0726 | Project Worlds Student Project Allocation System 1.0 Admin Login Module admin_login.php msg cross site scripting

Post correlati

CVE-2024-4959 | Frontend Checklist Plugin up to 2.3.2 on WordPress Setting cross site scripting

CVE-2024-1777 | Admin Side Data Storage for Contact Form 7 Plugin up to 1.1.1 on WordPress cross-site request forgery

CVE-2023-46974 | Best Courier Management System 1.000 URL page cross site scripting

CVE-2023-5592 | Phoenix Contact MULTIPROG/ProConOS eCLR code download (VDE-2023-054)