CVE-2024-2285

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-2285
A vulnerability, which was classified as problematic, has been found in boyiddha Automated-Mess-Management-System 1.0. Affected by this issue is some unknown functionality of the file /member/member_edit.php. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-256052. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

6.1 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/STORED%20XSS%20member-member-edit.php%20.md Broken Link
https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/STORED%20XSS%20member-member-edit.php%20.md Broken Link
https://vuldb.com/?ctiid.256052 Permissions Required
https://vuldb.com/?ctiid.256052 Permissions Required
https://vuldb.com/?id.256052 Permissions Required
https://vuldb.com/?id.256052 Permissions Required
Configurations

Configuration 1 (hide)

cpe:2.3:a:boyiddha:automated-mess-management-system:1.0:*:*:*:*:*:*:*
History

12 Mar 2025, 13:23

Type Values Removed Values Added
First Time Boyiddha automated-mess-management-system
Boyiddha
CPE cpe:2.3:a:boyiddha:automated-mess-management-system:1.0:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.1
References () https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/STORED%20XSS%20member-member-edit.php%20.md - () https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/boyiddha%20utomated-Mess-Management-System/STORED%20XSS%20member-member-edit.php%20.md - Broken Link
References () https://vuldb.com/?ctiid.256052 - () https://vuldb.com/?ctiid.256052 - Permissions Required
References () https://vuldb.com/?id.256052 - () https://vuldb.com/?id.256052 - Permissions Required

08 Mar 2024, 03:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-03-08 03:15

Updated : 2025-03-12 13:23

NVD link : CVE-2024-2285

Mitre link : CVE-2024-2285

JSON object : View

Products Affected

boyiddha

  • automated-mess-management-system
CWE

No CWE.