A vulnerability classified as problematic has been found in Project Worlds Online Lawyer Management System 1.0. Affected is an unknown function of the component User Registration. The manipulation of the argument First Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-249822 is the identifier assigned to this vulnerability.
References
| Link | Resource |
|---|---|
| https://vuldb.com/?id.249822 | Third Party Advisory VDB Entry |
| https://vuldb.com/?ctiid.249822 | Permissions Required Third Party Advisory VDB Entry |
| https://drive.google.com/file/d/1U60z1xzBzJjalbmwBmPD5NjJ4pPaDevF/view?usp=sharing | Exploit Third Party Advisory |
Configurations
History
11 Jan 2024, 16:41
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://vuldb.com/?id.249822 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?ctiid.249822 - Permissions Required, Third Party Advisory, VDB Entry | |
| References | () https://drive.google.com/file/d/1U60z1xzBzJjalbmwBmPD5NjJ4pPaDevF/view?usp=sharing - Exploit, Third Party Advisory | |
| First Time |
Yugeshverma
Yugeshverma online Lawyer Management System |
|
| CWE | CWE-79 | |
| CPE | cpe:2.3:a:yugeshverma:online_lawyer_management_system:1.0:*:*:*:*:*:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
07 Jan 2024, 06:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-01-07 06:15
Updated : 2024-05-17 02:34
NVD link : CVE-2024-0266
Mitre link : CVE-2024-0266
JSON object : View
Products Affected
yugeshverma
- online_lawyer_management_system
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')