CVE-2023-39115

CRITICAL

Campcodes Online Matrimonial Website System Script <3.3 - XSS

Title source: llm

Description

install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.

Exploits (3)

exploitdb WORKING POC
by Rajdip Dey Sarkar · textwebappsphp
https://www.exploit-db.com/exploits/51656
nomisec WRITEUP
by 0xrajdip · poc
https://github.com/0xrajdip/CVE-2023-39115
nomisec WRITEUP
by Raj789-sec · poc
https://github.com/Raj789-sec/CVE-2023-39115

References (4)

Scores

CVSS v3 9.8
EPSS 0.0178
EPSS Percentile 82.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (1)
campcodes/complete_online_matrimonial_website_system_script 3.3
Published Aug 16, 2023
Tracked Since Feb 18, 2026