install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors Products
Campcodes
  • Complete Online Matrimonial Website System Script

Configuration 1 [-]

cpe:2.3:a:campcodes:complete_online_matrimonial_website_system_script:3.3:*:*:*:*:*:*:*
References
Link Resource
http://packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html Exploit Third Party Advisory VDB Entry
https://github.com/Raj789-sec/CVE-2023-39115 Third Party Advisory
https://www.campcodes.com/projects/php/online-matrimonial-website-system-script-in-php/ Product
https://www.exploit-db.com/exploits/51656 Exploit Third Party Advisory VDB Entry
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2023-08-16T00:00:00

Updated: 2023-08-17T15:07:38.175520

Reserved: 2023-07-25T00:00:00

Link: CVE-2023-39115

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2023-08-16T15:15:11.113

Modified: 2023-08-22T18:14:03.050

Link: CVE-2023-39115

JSON object: View

cve-icon Redhat Information

No data.

CWE