CVE-2024-11247 | SourceCodester Online Eyewear Shop 1.0 Inventory Page Master.php?f=save_product brand cross site scripting

Posted by Angelo Barbosa | Nov 15, 2024 | CVE

A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Inventory Page. The manipulation of the argument brand leads to cross site scripting.

This vulnerability is known as CVE-2024-11247. The attack can be launched remotely. Furthermore, there is an exploit available.

Other parameters might be affected as well.

CVE-2024-11247 | SourceCodester Online Eyewear Shop 1.0 Inventory Page Master.php?f=save_product brand cross site scripting

Related Posts

CVE-2023-6830 | Formidable Forms Plugin up to 6.7 on WordPress cross site scripting

CVE-2024-36129 | OpenTelemetry Collector HTTP/gRPC denial of service

CVE-2024-3881 | Tenda W30E 1.0.1.25(633) /goform/frmL7ProtForm frmL7PlotForm page stack-based overflow

CVE-2024-46705 | Linux Kernel up to 6.10.6 DRM Privilege Escalation (b1c9fbed3884/c7117419784f)