CVE-2024-11490 | 115cms up to 20240807 set.html type cross site scripting

A vulnerability was found in 115cms up to 20240807. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php/admin/web/set.html. The manipulation of the argument type leads to cross site scripting.

This vulnerability is known as CVE-2024-11490. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-11490 | 115cms up to 20240807 set.html type cross site scripting

Related Posts

CVE-2024-5118 | SourceCodester Event Registration System 1.0 /admin/login.php username/password sql injection

CVE-2024-26893 | Linux Kernel up to 6.1.82/6.6.22/6.7.10/6.8.1 arm_scmi chan_free null pointer dereference

CVE-2023-50851 | N Squared Appointment Booking Calendar Plugin up to 1.6.6.0 on WordPress sql injection

CVE-2023-42839 | Apple tvOS App state issue