Lucene search

[email protected]NVD:CVE-2023-27666

HistoryApr 14, 2023 - 12:15 p.m.

CVE-2023-27666

2023-04-1412:15:07

CWE-79

[email protected]

web.nvd.nist.gov

auto dealer management

xss vulnerability

systemsettings

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

49.1%

JSON

Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the name parameter at /classes/SystemSettings.php?f=update_settings.

Affected configurations

Nvd

Node

auto_dealer_management_system_projectauto_dealer_management_systemMatch1.0

VendorProductVersionCPE
auto_dealer_management_system_projectauto_dealer_management_system1.0cpe:2.3:a:auto_dealer_management_system_project:auto_dealer_management_system:1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
auto_dealer_management_system_project	auto_dealer_management_system	1.0	cpe:2.3:a:auto_dealer_management_system_project:auto_dealer_management_system:1.0:::::::*

References

auto.com

gist.github.com/Flower-fertilizer/a1fb260c02353906f2d2808656dd1559

www.sourcecodester.com/php/15371/auto-dealer-management-system-phpoop-free-source-code.html

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

49.1%

JSON

Related for NVD:CVE-2023-27666

cvelist1 cve1 prion1