CVE-2024-3433 | PuneethReddyHC Event Management 1.0 /backend/register.php event_id/full_name/email/mobile/college/branch cross site scripting (ID 177841)

Inserito da Angelo Barbosa | Apr 7, 2024 | CVE

A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to cross site scripting.

This vulnerability is traded as CVE-2024-3433. It is possible to launch the attack remotely. There is no exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-3433 | PuneethReddyHC Event Management 1.0 /backend/register.php event_id/full_name/email/mobile/college/branch cross site scripting (ID 177841)

Post correlati

CVE-2024-2494 | libvirt RPC Library API g_new0 allocation of resources

CVE-2024-24724 | Gibbon up to 26.0.00 Template messengerSettings.php injection

CVE-2024-4733 | ShiftController Employee Shift Scheduling Plugin up to 4.9.57 on WordPress code injection

CVE-2024-8925 | PHP up to 8.1.29/8.2.23/8.3.11 HTTP POST Request (GHSA-9pqp-7h25-4f32)