CVE Details
Basic Information
| Title | Kashipara College Management System delete_faculty.php cross site scripting |
|---|---|
| Type | cve |
| Published | 2024-05-26T16:00:04.890Z |
| Modified | 2024-08-01T21:11:12.434Z |
Product Information
| Vendor | Kashipara |
|---|---|
| Product | College Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
AI Analysis
| AI Description | A cross-site scripting (XSS) vulnerability was discovered in Kashipara College Management System 1.0, specifically within the delete_faculty.php file. This issue allows remote attackers to inject malicious scripts, potentially leading to security breaches. The CVSS score of 5.3 indicates a medium severity level. |
|---|---|
| AI Severity | Medium |
| AI Vendor | Kashipara |
| AI Product | Kashipara College Management System |
| AI Version | 1.0 |
Affected Products
- Kashipara College Management System 1.0
Additional Information
| CWE List | CWE-79 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in Kashipara College Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file delete_faculty.php. The manipulation of the argument id leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266280.