A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument email_address/address/company_name/job_title/jobDescriptionparameter leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
History

Thu, 17 Oct 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Rems
Rems profile Registration Without Reload\/refresh
CPEs cpe:2.3:a:rems:profile_registration_without_reload\/refresh:1.0:*:*:*:*:*:*:*
Vendors & Products Rems
Rems profile Registration Without Reload\/refresh

Fri, 11 Oct 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Sourcecodester
Sourcecodester profile Registration Without Reload Refresh
CPEs cpe:2.3:a:sourcecodester:profile_registration_without_reload_refresh:*:*:*:*:*:*:*:*
Vendors & Products Sourcecodester
Sourcecodester profile Registration Without Reload Refresh
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 10 Oct 2024 16:45:00 +0000

Type Values Removed Values Added
Description A vulnerability has been found in SourceCodester Profile Registration without Reload Refresh 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation of the argument email_address/address/company_name/job_title/jobDescriptionparameter leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
Title SourceCodester Profile Registration without Reload Refresh add.php cross site scripting
Weaknesses CWE-79
References
Metrics cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:P/A:N'}

cvssV3_0

{'score': 3.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-10-10T16:31:06.825Z

Updated: 2024-10-10T16:52:19.158Z

Reserved: 2024-10-10T07:32:04.182Z

Link: CVE-2024-9799

cve-icon Vulnrichment

Updated: 2024-10-10T16:52:04.214Z

cve-icon NVD

Status : Analyzed

Published: 2024-10-10T17:15:16.390

Modified: 2024-10-17T14:32:17.640

Link: CVE-2024-9799

cve-icon Redhat

No data.