CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-35582

A cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Department input field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/r04i7/CVE/blob/main/CVE-2024-35582.md
https://owasp.org/www-community/attacks/xss/
https://portswigger.net/web-security/cross-site-scripting/stored
https://github.com/r04i7/CVE/blob/main/CVE-2024-35582.md
https://owasp.org/www-community/attacks/xss/
https://portswigger.net/web-security/cross-site-scripting/stored

Products affected by CVE-2024-35582

Oretnom23 » Computer Laboratory Management System » Version: 1.0

cpe:2.3:a:oretnom23:computer_laboratory_management_system:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-35582

Products

Pricing

Contact Us