CVE-2024-1026 | eReserv 7.7.58 front/admin/config.php id cross site scripting

Inserito da Angelo Barbosa | Gen 29, 2024 | CVE

A vulnerability was found in eReserv 7.7.58 and classified as problematic. This issue affects some unknown processing of the file front/admin/config.php. The manipulation of the argument id with the input %22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E leads to cross site scripting.

The identification of this vulnerability is CVE-2024-1026. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-1026 | eReserv 7.7.58 front/admin/config.php id cross site scripting

Post correlati

CVE-2024-36857 | Jan 0.4.12 /v1/app/readFileSync path traversal

CVE-2024-27623 | CMS Made Simple 2.2.19 Template injection

CVE-2024-6151 | Citrix Virtual Apps and Desktops privileges management (CTX678035)

CVE-2024-33654 | Siemens Simcenter Femap up to 2401.0000 BMP File out-of-bounds (ssa-064222)