VDB-263595 | Campcodes Complete Web-Based School Management System 1.0 show_friend_request.php my_index cross site scripting

Posted by Angelo Barbosa | May 8, 2024 | CVE

A vulnerability, which was classified as problematic, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/show_friend_request.php. The manipulation of the argument my_index leads to cross site scripting.

It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

VDB-263595 | Campcodes Complete Web-Based School Management System 1.0 show_friend_request.php my_index cross site scripting

Related Posts

CVE-2024-33034 | Qualcomm Snapdragon Auto up to WSA8845H GPU SMMU Mapping use after free

CVE-2024-23667 | Fortinet FortiWebManager up to 6.0.2/6.2.4/6.3.0/7.0.4/7.2.0 HTTP Request Handler/CLI improper authorization (FG-IR-23-222)

CVE-2024-20323 | Cisco Intelligent Node Manager/Intelligent Node Software TLS Connection hard-coded key (cisco-sa-inode-static-key-VUVCeynn)

CVE-2024-9936 | Mozilla Firefox up to 131.0.2 Selection Node Cache denial of service