SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System register.php cross site scripting
CVE-2023-1354

6.1MEDIUM

Key Information:

Vendor

SourceCodester
Status
Design and Implementation of Covid-19 Directory on Vaccination System
Vendor
CVE Published:
11 March 2023

What is CVE-2023-1354?

A vulnerability has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file register.php. The manipulation of the argument txtfullname/txtage/txtaddress/txtphone leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-222853 was assigned to this vulnerability.

Affected Version(s)

Design and Implementation of Covid-19 Directory on Vaccination System 1.0

References

https://vuldb.com/?id.222853
vdb-entrytechnical-description
https://vuldb.com/?ctiid.222853
signaturepermissions-required
https://github.com/E1CHO/cve_hub/blob/main/covid-19-vacci...
exploit

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)
JSON
.