CVE-2024-24135

MEDIUM

Remyandrade Product Inventory With Export TO Excel - XSS

Title source: rule

Description

Product Name and Product Code in the 'Add Product' section of Sourcecodester Product Inventory with Export to Excel 1.0 are vulnerable to XSS attacks.

Exploits (1)

nomisec WRITEUP

by BurakSevben · poc

https://github.com/BurakSevben/CVE-2024-24135

View Code ZIP pw:eip

References (1)

[Exploit, Third Party Advisory] https://github.com/BurakSevben/2024_Product_Inventory_with_Export_to_Excel_XSS/

Scores

CVSS v3 6.1

EPSS 0.0075

EPSS Percentile 73.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-79

Status published

Products (1)

remyandrade/product_inventory_with_export_to_excel 1.0

Published Jan 29, 2024

Tracked Since Feb 18, 2026