Search criteria
2 vulnerabilities found for Simple Banking System by CodeAstro
CVE-2024-0424 (GCVE-0-2024-0424)
Vulnerability from cvelistv5 – Published: 2024-01-11 19:31 – Updated: 2025-06-03 14:07
VLAI?
Summary
A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250443.
Severity ?
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CodeAstro | Simple Banking System |
Affected:
1.0
|
Credits
ABHISHEK K.A (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:49.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.250443"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.250443"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://drive.google.com/file/d/1jr5YRrESDjcNmhpQRK5yHvvxNlYJp2oK/view?usp=sharing"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0424",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:39:21.559967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:07:24.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Create a User Page"
],
"product": "Simple Banking System",
"vendor": "CodeAstro",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "ABHISHEK K.A (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250443."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in CodeAstro Simple Banking System 1.0 entdeckt. Sie wurde als problematisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei createuser.php der Komponente Create a User Page. Mittels Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-11T19:31:05.125Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.250443"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.250443"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1jr5YRrESDjcNmhpQRK5yHvvxNlYJp2oK/view?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-01-11T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-01-11T13:29:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "CodeAstro Simple Banking System Create a User Page createuser.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-0424",
"datePublished": "2024-01-11T19:31:05.125Z",
"dateReserved": "2024-01-11T12:24:36.144Z",
"dateUpdated": "2025-06-03T14:07:24.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-0424 (GCVE-0-2024-0424)
Vulnerability from nvd – Published: 2024-01-11 19:31 – Updated: 2025-06-03 14:07
VLAI?
Summary
A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250443.
Severity ?
CWE
- CWE-79 - Cross Site Scripting
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| CodeAstro | Simple Banking System |
Affected:
1.0
|
Credits
ABHISHEK K.A (VulDB User)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:04:49.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://vuldb.com/?id.250443"
},
{
"tags": [
"signature",
"permissions-required",
"x_transferred"
],
"url": "https://vuldb.com/?ctiid.250443"
},
{
"tags": [
"exploit",
"x_transferred"
],
"url": "https://drive.google.com/file/d/1jr5YRrESDjcNmhpQRK5yHvvxNlYJp2oK/view?usp=sharing"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0424",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:39:21.559967Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:07:24.711Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Create a User Page"
],
"product": "Simple Banking System",
"vendor": "CodeAstro",
"versions": [
{
"status": "affected",
"version": "1.0"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "analyst",
"value": "ABHISHEK K.A (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as problematic has been found in CodeAstro Simple Banking System 1.0. This affects an unknown part of the file createuser.php of the component Create a User Page. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250443."
},
{
"lang": "de",
"value": "Es wurde eine Schwachstelle in CodeAstro Simple Banking System 1.0 entdeckt. Sie wurde als problematisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei createuser.php der Komponente Create a User Page. Mittels Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross Site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-11T19:31:05.125Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.250443"
},
{
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.250443"
},
{
"tags": [
"exploit"
],
"url": "https://drive.google.com/file/d/1jr5YRrESDjcNmhpQRK5yHvvxNlYJp2oK/view?usp=sharing"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-11T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-01-11T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-01-11T13:29:45.000Z",
"value": "VulDB entry last update"
}
],
"title": "CodeAstro Simple Banking System Create a User Page createuser.php cross site scripting"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-0424",
"datePublished": "2024-01-11T19:31:05.125Z",
"dateReserved": "2024-01-11T12:24:36.144Z",
"dateUpdated": "2025-06-03T14:07:24.711Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}