A vulnerability classified as problematic was found in PHPGurukul Online Shopping Portal 2.0. This vulnerability affects unknown code of the file /admin/assets/plugins/DataTables/media/unit_testing/templates/dom_data_th.php. The manipulation of the argument scripts leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://github.com/secuserx/CVE/blob/main/%5BXSS%20vulnerability%5D%20found%20in%20Online%20Shopping%20Portal%202.0%20-%20(dom_data_th.php).md | Exploit |
https://phpgurukul.com/ | Product |
https://vuldb.com/?ctiid.282916 | Permissions Required VDB Entry |
https://vuldb.com/?id.282916 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.436115 | Exploit Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2024-11-04 00:15
Updated : 2024-11-05 20:12
NVD link : CVE-2024-10747
Mitre link : CVE-2024-10747
CVE.ORG link : CVE-2024-10747
JSON object : View
Products Affected
phpgurukul
- online_shopping_portal
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')