CVE-2024-11243 | code-projects Online Shop Store 1.0 /signup.php m2 cross site scripting

Posted by Angelo Barbosa | Nov 15, 2024 | CVE

A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument m2 with the input <svg%20onload=alert(document.cookie)> leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-11243. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2024-11243 | code-projects Online Shop Store 1.0 /signup.php m2 cross site scripting

Related Posts

CVE-2024-6125 | Login with Phone Number Plugin up to 1.7.34 on WordPress password recovery

CVE-2024-7612 | Ivanti Endpoint Manager Mobile up to 12.0.0.4/12.1.0.3 Configuration File permission assignment

CVE-2024-26903 | Linux Kernel up to 6.7.10 rfcomm null pointer dereference

CVE-2024-42766 | Kashipara Bus Ticket Reservation System 1.0 /deleteTicket.php access control