CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-25854

Cross Site Scripting (XSS) vulnerability in Sourcecodester Insurance Management System 1.0 allows attackers to run arbitrary code via the Subject and Description fields when submitting a support ticket.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.7%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/hakkitoklu/hunt/blob/main/Insurance%20Management%20System%20PHP%20and%20MySQL%201.0/xss.md
https://github.com/hakkitoklu/hunt/blob/main/Insurance%20Management%20System%20PHP%20and%20MySQL%201.0/xss.md

Products affected by CVE-2024-25854

Munyweki » Insurance Management System » Version: 1.0

cpe:2.3:a:munyweki:insurance_management_system:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-25854

Products

Pricing

Contact Us