CVE-2024-6932 | ClassCMS 4.5 order cross site scripting

Posted by Angelo Barbosa | Jul 20, 2024 | CVE

A vulnerability was found in ClassCMS 4.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/?action=home&do=shop:index&keyword=&kind=all. The manipulation of the argument order leads to cross site scripting.

This vulnerability is known as CVE-2024-6932. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-6932 | ClassCMS 4.5 order cross site scripting

Related Posts

CVE-2024-27376 | Samsung Exynos 1330 slsi_nan_subscribe_get_nl_params heap-based overflow

CVE-2021-47436 | Linux Kernel up to 4.14.251/4.19.212/5.4.154/5.10.74/5.14.13 request_irq null pointer dereference

CVE-2023-38362 | IBM CICS TX Advanced 10.1 HTTP Response observable response discrepancy (XFDB-260814)

CVE-2024-4930 | SourceCodester Simple Online Bidding System 1.0 index.php id sql injection