CVE-2023-3465

Published: Jun 29, 2023Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Exploitability: 2.8 / Impact: 2.7

Source: NVD

Description

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-232711.

Affected (1)

Products: Simplephpscripts: Classified Ads Script Php

Simplephpscripts

1 product

Classified Ads Script Php

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Simplephpscripts Classified Ads Script Php	Version 1.8

Related CWEs

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

References (6)

https://simplephpscripts.com/guestbook-script-php/guestbook/preview.php

Source: cna@vuldb.com

Not Applicable

https://vuldb.com/?ctiid.232711

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.232711

Source: cna@vuldb.com

Third Party Advisory

https://simplephpscripts.com/guestbook-script-php/guestbook/preview.php

Source: af854a3a-2127-422b-91ae-364da2661108

Not Applicable

https://vuldb.com/?ctiid.232711

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.232711

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.