CVE-2024-35345 | Diño Physics School Assistant 2.3 /classes/Users.php id cross site scripting

Inserito da Angelo Barbosa | Mag 30, 2024 | CVE

A vulnerability classified as problematic has been found in Diño Physics School Assistant 2.3. This affects an unknown part of the file /classes/Users.php. The manipulation of the argument id leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-35345. It is possible to initiate the attack remotely. There is no exploit available.

CVE-2024-35345 | Diño Physics School Assistant 2.3 /classes/Users.php id cross site scripting

Post correlati

CVE-2021-47468 | Linux Kernel up to 5.14.14 kernel/workqueue.c stack-based overflow

CVE-2024-3623 | quay mirror-registry password in configuration file

CVE-2024-25531 | RuvarOA 6.01/12.01 SearchCondiction.aspx PageID sql injection

CVE-2024-0709 | Cryptocurrency Widgets Plugin 2.0/2.6.5 on WordPress sql injection