CVE-2023-7149 | code-projects QR Code Generator 1.0 download.php file cross site scripting

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability was found in code-projects QR Code Generator 1.0. It has been classified as problematic. This affects an unknown part of the file /download.php?file=author.png. The manipulation of the argument file with the input "><iMg src=N onerror=alert(document.domain)> leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2023-7149. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

CVE-2023-7149 | code-projects QR Code Generator 1.0 download.php file cross site scripting

Related Posts

CVE-2024-34582 | Sunhillo SureLine up to 8.10.0 on RICI 5000 Forgot Password cgi/usrPasswd.cgi userid_change cross site scripting

CVE-2024-47443 | Adobe After Effects up to 23.6.9/24.6.2 out-of-bounds write (apsb24-85)

CVE-2024-30631 | Tenda FH1205 2.0.0.7(775) /goform/openSchedWifi setSchedWifi schedStartTime stack-based overflow

CVE-2024-22339 | IBM UrbanCode Deploy/DevOps Deploy log file (XFDB-279979)