Cross Site Scripting Vulnerability in Online Job Finder System 1.0
CVE-2024-2684

6.1MEDIUM

Key Information:

Vendor
Campcodes
Status
Online Job Finder System
Vendor
CVE Published:
20 March 2024

Badges

👾 Exploit Exists

Summary

A vulnerability, which was classified as problematic, has been found in Campcodes Online Job Finder System 1.0. Affected by this issue is some unknown functionality of the file /admin/category/index.php. The manipulation of the argument view leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-257384.

Affected Version(s)

Online Job Finder System 1.0

References

https://vuldb.com/?id.257384
vdb-entrytechnical-description
https://vuldb.com/?ctiid.257384
signaturepermissions-required
https://github.com/E1CHO/cve_hub/blob/main/Online%20Job%2...
exploit

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)
.
CVE-2024-2684 : Cross Site Scripting Vulnerability in Online Job Finder System 1.0 | SecurityVulnerability.io