CVE-2023-7108 | code-projects E-Commerce Website 1.0 user_signup.php firstname cross site scripting

Posted by Angelo Barbosa | Dec 25, 2023 | CVE

A vulnerability classified as problematic has been found in code-projects E-Commerce Website 1.0. This affects an unknown part of the file user_signup.php. The manipulation of the argument firstname with the input <video/src=x onerror=alert(document.domain)> leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2023-7108. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2023-7108 | code-projects E-Commerce Website 1.0 user_signup.php firstname cross site scripting

Related Posts

CVE-2023-49086 | Cacti up to 1.2.25 Incomplete Fix CVE-2023-39360 graphs_new.php cross site scripting

CVE-2024-42427 | Dell Wyse Proprietary OS 2402/2405 command injection (dsa-2024-386)

CVE-2024-7231 | Avast Cleanup Premium link following (ZDI-24-1001)

CVE-2024-37001 | Autodesk AutoCAD 3DM File Parser heap-based overflow