CVE-2024-12359 | code-projects Admin Dashboard 1.0 /vendor_management.php username cross site scripting

Posted by Angelo Barbosa | Dec 8, 2024 | CVE

A vulnerability was found in code-projects Admin Dashboard 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /vendor_management.php. The manipulation of the argument username leads to cross site scripting.

This vulnerability was named CVE-2024-12359. The attack can be initiated remotely. Furthermore, there is an exploit available.

The initial researcher advisory mentions contradicting product names.

CVE-2024-12359 | code-projects Admin Dashboard 1.0 /vendor_management.php username cross site scripting

Related Posts

CVE-2024-0340 | Linux Kernel vhost/vhost.c vhost_new_msg information disclosure

CVE-2023-52548 | Huawei CurieM-WFG9B 2.28 SMM Module memory corruption

CVE-2024-1120 | NextMove Lite Plugin up to 2.17.0 on WordPress authorization

CVE-2024-20251 | Cisco Identity Services Engine Web-based Management Interface cross site scripting (cisco-sa-ISE-XSS-bL4VTML)