SimplePHPscripts Classified Ads Script URL Parameter preview.php cross site scripting
CVE-2023-3464

6.1MEDIUM

Key Information:

Vendor

SimplePHPscripts

Status
Classified Ads Script
Vendor
CVE Published:
29 June 2023

What is CVE-2023-3464?

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been classified as problematic. Affected is an unknown function of the file /preview.php of the component URL Parameter Handler. The manipulation of the argument p leads to cross site scripting. It is possible to launch the attack remotely. It is recommended to upgrade the affected component. VDB-232710 is the identifier assigned to this vulnerability.

Affected Version(s)

Classified Ads Script 1.8

References

https://vuldb.com/?id.232710
vdb-entrytechnical-description
https://vuldb.com/?ctiid.232710
signaturepermissions-required
https://simplephpscripts.com/guestbook-script-php/guestbo...
patch

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.