github - ghsa-v39h-7cp3-rgxc

ghsa-v39h-7cp3-rgxc

Vulnerability from github

Published

2024-09-08 00:30

Modified

2024-09-08 00:30

Severity

4.3 (Medium) - CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
6.9 (Medium) - CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Details

A vulnerability classified as problematic was found in code-projects Online Shop Store 1.0. This vulnerability affects unknown code of the file /settings.php. The manipulation of the argument error leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-8566"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-09-08T00:15:02Z",
    "severity": "MODERATE"
  },
  "details": "A vulnerability classified as problematic was found in code-projects Online Shop Store 1.0. This vulnerability affects unknown code of the file /settings.php. The manipulation of the argument error leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
  "id": "GHSA-v39h-7cp3-rgxc",
  "modified": "2024-09-08T00:30:45Z",
  "published": "2024-09-08T00:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8566"
    },
    {
      "type": "WEB",
      "url": "https://code-projects.org"
    },
    {
      "type": "WEB",
      "url": "https://drive.google.com/file/d/1MmShihcKuzB9Sw54asriKkRKvdUD8-Ag/view?usp=sharing"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.276796"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.276796"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?submit.403671"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

cve-2024-8566

Vulnerability from cvelistv5

Published

2024-09-07 23:31

Modified

2024-09-09 19:24

Severity

6.9 (Medium) - cvssV4_0 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
4.3 (Medium) - cvssV3_1 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.3 (Medium) - cvssV3_0 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Summary

code-projects Online Shop Store settings.php cross site scripting

References

URL	Tags
https://vuldb.com/?id.276796	vdb-entry, technical-description
https://vuldb.com/?ctiid.276796	signature, permissions-required
https://vuldb.com/?submit.403671	third-party-advisory
https://drive.google.com/file/d/1MmShihcKuzB9Sw54asriKkRKvdUD8-Ag/view?usp=sharing	exploit
https://code-projects.org/	product

Impacted products

Vendor	Product
code-projects	Online Shop Store

Show details on NVD website