CVE-2024-7815 | CodeAstro Online Railway Reservation System 1.0 Update Employee Page admin-update-employee.php emp_fname /emp_lname /emp_nat_idno/emp_addr cross site scripting

Inserito da Angelo Barbosa | Ago 14, 2024 | CVE

A vulnerability has been found in CodeAstro Online Railway Reservation System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/admin-update-employee.php of the component Update Employee Page. The manipulation of the argument emp_fname /emp_lname /emp_nat_idno/emp_addr leads to cross site scripting.

This vulnerability is known as CVE-2024-7815. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-7815 | CodeAstro Online Railway Reservation System 1.0 Update Employee Page admin-update-employee.php emp_fname /emp_lname /emp_nat_idno/emp_addr cross site scripting

Post correlati

CVE-2024-39427 | Unisoc S8000 Trusty Service out-of-bounds write

CVE-2023-46837 | Xen 4.15.x/4.16.x/4.17.x ARM Helper information disclosure (XSA-447)

CVE-2024-39334 | Mendelson AS4 prior 2024 B376 XML Data Remote Code Execution

CVE-2024-31209 | oidcc Atom resource consumption