Skip to main content

Online Marriage Registration System CVE-2024-28456

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2024-03-28 cve@mitre.org
5.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Mar 28, 2024 - 23:15 nvd
MEDIUM 5.4

DescriptionNVD

Cross Site Scripting vulnerability in Campcodes Online Marriage Registration System v.1.0 allows a remote attacker to execute arbitrary code via the text fields in the marriage registration request form.

AnalysisAI

Cross Site Scripting vulnerability in Campcodes Online Marriage Registration System v.1.0 allows a remote attacker to execute arbitrary code via the text fields in the marriage registration request. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Cross Site Scripting vulnerability in Campcodes Online Marriage Registration System v.1.0 allows a remote attacker to execute arbitrary code via the text fields in the marriage registration request form. Affected products include: Campcodes Online Marriage Registration System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

CVE-2024-50989 CRITICAL POC
9.8 Nov 11

A SQL injection vulnerability in /omrs/admin/search.php in PHPGurukul Online Marriage Registration System v1.0 allows an

CVE-2020-35151 HIGH POC
8.8 Dec 21

The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to

CVE-2024-2776 MEDIUM POC
6.5 Mar 22

A vulnerability, which was classified as critical, was found in Campcodes Online Marriage Registration System 1.0. Rated

CVE-2024-2774 MEDIUM POC
6.5 Mar 21

A vulnerability classified as critical was found in Campcodes Online Marriage Registration System 1.0. Rated medium seve

CVE-2024-50990 MEDIUM POC
6.1 Nov 11

A Reflected Cross Site Scriptng (XSS) vulnerability was found in /omrs/user/search.php in PHPGurukul Online Marriage Reg

CVE-2024-2780 MEDIUM POC
6.1 Mar 22

A vulnerability was found in Campcodes Online Marriage Registration System 1.0. Rated medium severity (CVSS 6.1), this v

CVE-2024-2778 MEDIUM POC
6.1 Mar 22

A vulnerability was found in Campcodes Online Marriage Registration System 1.0 and classified as problematic. Rated medi

CVE-2024-2775 MEDIUM POC
6.1 Mar 21

A vulnerability, which was classified as problematic, has been found in Campcodes Online Marriage Registration System 1.

CVE-2024-2773 MEDIUM POC
6.1 Mar 21

A vulnerability classified as problematic has been found in Campcodes Online Marriage Registration System 1.0. Rated med

CVE-2024-2779 MEDIUM POC
5.4 Mar 22

A vulnerability was found in Campcodes Online Marriage Registration System 1.0. Rated medium severity (CVSS 5.4), this v

CVE-2024-2777 MEDIUM POC
5.3 Mar 22

A vulnerability has been found in Campcodes/PHPGurukul Online Marriage Registration System 1.0 and classified as critica

CVE-2024-51054 MEDIUM POC
4.8 Nov 11

A Cross Site Scriptng (XSS) vulnerability was found in /omrs/admin/search.php in PHPGurukul Online Marriage Registration

Share

CVE-2024-28456 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy