CVE-2024-7677 | SourceCodester Car Driving School Management System 1.0 SystemSettings.php update_settings_info contact/address cross site scripting

Posted by Angelo Barbosa | Aug 10, 2024 | CVE

A vulnerability was found in SourceCodester Car Driving School Management System 1.0. It has been declared as problematic. Affected by this vulnerability is the function update_settings_info of the file /classes/SystemSettings.php?f=update_settings. The manipulation of the argument contact/address leads to cross site scripting.

This vulnerability is known as CVE-2024-7677. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-7677 | SourceCodester Car Driving School Management System 1.0 SystemSettings.php update_settings_info contact/address cross site scripting

Related Posts

CVE-2023-49955 | Dalmann OCPP.Core up to 1.1.x Open Charge Point Protocol chargePointVendor denial of service (Issue 32)

CVE-2024-30047 | Microsoft Dynamics 365 Customer Insights cross site scripting

CVE-2023-51656 | Apache IoTDB up to 0.13.4 deserialization

CVE-2023-6529 | WP VR Plugin up to 8.3.14 on WordPress cross-site request forgery