CVE-2024-3433
CVSS V2 None
CVSS V3 None
Description
A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to cross site scripting. It is possible to launch the attack remotely. VDB-259614 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Overview
- CVE ID
- CVE-2024-3433
- Assigner
- VulDB
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-04-07T23:00:05.894Z
- Last Modified Date
- 2024-04-07T23:00:05.894Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://vuldb.com/?id.259614 | vdb-entry technical-description |
https://vuldb.com/?ctiid.259614 | signature permissions-required |
https://vuldb.com/?submit.307744 | third-party-advisory |
https://packetstormsecurity.com/files/177841/Event-Management-1.0-SQL-Injection.html | related |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-3433 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3433 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-23 23:39:21 | Added to TrackCVE |