Vulnerabilities > CVE-2024-11247 - Unspecified vulnerability in Oretnom23 Online Eyewear Shop 1.0

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

oretnom23

NVD

Published: 2024-11-15

Updated: 2024-11-19

Summary

A vulnerability has been found in SourceCodester Online Eyewear Shop 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /oews/classes/Master.php?f=save_product of the component Inventory Page. The manipulation of the argument brand leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Vulnerable Configurations

Part	Description	Count
Application	Oretnom23 Oretnom23 Online Eyewear Shop 1.0	1

References

https://github.com/Fl4g-Pshacker/cve/blob/main/xss.md
https://vuldb.com/?ctiid.284683
https://vuldb.com/?id.284683
https://vuldb.com/?submit.443194
https://www.sourcecodester.com/