CVE-2024-12892 | code-projects Online Exam Mastering System 1.0 /sign.php?q=account.php name/gender/college cross site scripting

Posted by Angelo Barbosa | Dec 21, 2024 | CVE

A vulnerability classified as problematic was found in code-projects Online Exam Mastering System 1.0. Affected by this vulnerability is an unknown functionality of the file /sign.php?q=account.php. The manipulation of the argument name/gender/college leads to cross site scripting.

This vulnerability is known as CVE-2024-12892. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-12892 | code-projects Online Exam Mastering System 1.0 /sign.php?q=account.php name/gender/college cross site scripting

Related Posts

CVE-2024-37893 | Firefly III up to 6.1.16 MFA improper authentication (GHSA-4gm4-c4mh-4p7w)

CVE-2024-3361 | SourceCodester Online Library System 1.0 deweydecimal.php category sql injection

CVE-2023-49952 | Mastodon up to 4.1.16/4.2.8 HTTP Request Header allocation of resources (GHSA-c2r5-cfqr-c553)

CVE-2024-26815 | Linux Kernel up to 6.1.82/6.6.22/6.7.10/6.8.1 lib/dump_stack.c taprio_parse_tc_entry out-of-bounds