CVE-2024-3364

LOW

SourceCodester Online Library System 1.0 - XSS

Title source: llm

Description

A vulnerability was found in SourceCodester Online Library System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file admin/books/index.php. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-259468.

References (4)

[Exploit, Third Party Advisory] https://github.com/thisissuperann/Vul/blob/main/Online-Library-System-06.md

View Exploit ZIP pw:eip

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.259468

[Third Party Advisory, VDB Entry] https://vuldb.com/?id.259468

[Third Party Advisory, VDB Entry] https://vuldb.com/?submit.310431

Scores

CVSS v3 3.5

EPSS 0.0009

EPSS Percentile 25.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Classification

CWE

CWE-79

Status published

Affected Products (1)

janobe/online_library_system

Timeline

Published Apr 06, 2024

Tracked Since Feb 18, 2026