CVE-2024-4688 | Campcodes Complete Web-Based School Management System 1.0 conversation_history_admin.php conversation_id cross site scripting

Posted by Angelo Barbosa | May 9, 2024 | CVE

A vulnerability classified as problematic was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/conversation_history_admin.php. The manipulation of the argument conversation_id leads to cross site scripting.

This vulnerability is known as CVE-2024-4688. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-4688 | Campcodes Complete Web-Based School Management System 1.0 conversation_history_admin.php conversation_id cross site scripting

Related Posts

CVE-2024-35917 | Linux Kernel up to 6.6.25/6.8.4 s390 bpf_plt null pointer dereference (c3062bdb859b/d3d74e45a060/7ded842b356d)

CVE-2024-2073 | SourceCodester Block Inserter for Dynamic Content 1.0 view_post.php id sql injection

CVE-2023-34435 | LevelOne WBR-6013 RER4_A_v3411b_2T2R_LEV_09_170623 Realtek rtl819x Jungle SDK formUpload signature verification (TALOS-2023-1874)

CVE-2024-6355 | Genexis Tilgin Fiber Home Gateway HG1522 CSx000-01_09_01_12 /status/product_info/ product_info cross site scripting