CVE-2023-7149 | code-projects QR Code Generator 1.0 download.php file cross site scripting

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability was found in code-projects QR Code Generator 1.0. It has been classified as problematic. This affects an unknown part of the file /download.php?file=author.png. The manipulation of the argument file with the input "><iMg src=N onerror=alert(document.domain)> leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2023-7149. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2023-7149 | code-projects QR Code Generator 1.0 download.php file cross site scripting

Related Posts

CVE-2024-2068 | SourceCodester Computer Inventory System 1.0 update-computer.php model cross site scripting

CVE-2024-49390 | Acronis Cyber Files prior 9.0.0×24 on Windows uncontrolled search path

CVE-2024-8884 | Schneider Electric Pro-face Industrial PC PS5000 System Monitor Application information disclosure (SEVD-2024-282-07)

CVE-2021-47104 | Linux Kernel up to 5.15.11 qib qib_user_sdma_queue_pkts memory leak