CVE-2024-10198 | code-projects Pharmacy Management System 1.0 Manage Customer Page /manage_customer.php suppliers_name/address cross site scripting

A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /manage_customer.php of the component Manage Customer Page. The manipulation of the argument suppliers_name/address leads to cross site scripting.

This vulnerability is known as CVE-2024-10198. The attack can be launched remotely. Furthermore, there is an exploit available.

The initial researcher advisory mentions contradicting files to be affected. Other parameters might be affected as well.

CVE-2024-10198 | code-projects Pharmacy Management System 1.0 Manage Customer Page /manage_customer.php suppliers_name/address cross site scripting

Related Posts

CVE-2023-49691 | Siemens RUGGEDCOM RM1224 LTE EU up to 7.x os command injection (ssa-180704)

CVE-2024-35083 | J2EEFAST 2.7.0 SysLoginInfoMapper.xml findPage sql injection

CVE-2023-50231 | Netgear ProSAFE Network Management System saveNodeLabel cross site scripting (ZDI-23-1847)

CVE-2021-47213 | Linux Kernel up to 5.15.4 NFSD nfsd4_decode_bitmap state issue (10c22d9519f3/c0019b7db1d7)