CVE Details
Basic Information
| Title | Campcodes Online Marriage Registration System user-profile.php cross site scripting |
|---|---|
| Type | cve |
| Published | 2024-03-21T23:00:08.813Z |
| Modified | 2024-08-01T19:25:41.754Z |
Product Information
| Vendor | Campcodes |
|---|---|
| Product | Online Marriage Registration System |
| Version | 1.0 |
CVSS Information
| Base Score | 3.5 (LOW) |
|---|---|
| Attack Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
AI Analysis
| AI Description | This is a low-severity cross-site scripting (XSS) vulnerability in the Campcodes Online Marriage Registration System version 1.0. It affects the user-profile.php file, specifically the lname argument, allowing remote attackers to inject scripts. While the CVSS score is low, XSS vulnerabilities can still pose risks and should be addressed. |
|---|---|
| AI Severity | Low |
| AI Vendor | Campcodes |
| AI Product | Online Marriage Registration System |
| AI Version | 1.0 |
Affected Products
- Campcodes Online Marriage Registration System 1.0
Additional Information
| CWE List | CWE-79 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as problematic, has been found in Campcodes Online Marriage Registration System 1.0. This issue affects some unknown processing of the file /user/user-profile.php. The manipulation of the argument lname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-257609 was assigned to this vulnerability.