Vulnerability Details CVE-2024-40487
A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live Membership System v1.0, which allows remote attackers to execute arbitrary code via membershipType parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.016
EPSS Ranking 80.9%
CVSS Severity
CVSS v3 Score 7.6
References
Products affected by CVE-2024-40487
-
cpe:2.3:a:lopalopa:live_membership_system:1.0