A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-242146 is the identifier assigned to this vulnerability.
References
| Link | Resource |
|---|---|
| https://vuldb.com/?ctiid.242146 | Permissions Required Third Party Advisory |
| https://github.com/GodRone/MedicineTrackerSystem/blob/main/Medicine%20Tracker%20System_XSS.md | Exploit Third Party Advisory |
| https://vuldb.com/?id.242146 | Third Party Advisory |
Configurations
History
19 Oct 2023, 12:59
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:oretnom23:medicine_tracker_system:1.0:*:*:*:*:*:*:* | |
| First Time |
Oretnom23 medicine Tracker System
Oretnom23 |
18 Oct 2023, 20:07
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Medicine Tracker System Project medicine Tracker System
Medicine Tracker System Project |
|
| References | (MISC) https://github.com/GodRone/MedicineTrackerSystem/blob/main/Medicine%20Tracker%20System_XSS.md - Exploit, Third Party Advisory | |
| References | (MISC) https://vuldb.com/?ctiid.242146 - Permissions Required, Third Party Advisory | |
| References | (MISC) https://vuldb.com/?id.242146 - Third Party Advisory | |
| CPE | cpe:2.3:a:medicine_tracker_system_project:medicine_tracker_system:1.0:*:*:*:*:*:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
14 Oct 2023, 17:32
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-14 13:15
Updated : 2024-06-05 20:15
NVD link : CVE-2023-5581
Mitre link : CVE-2023-5581
JSON object : View
Products Affected
oretnom23
- medicine_tracker_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')