CVE-2023-39115 | Severity.io

Description

install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.

Related CPE's

complete_online_matrimonial_website_system_script

Vulnerable

References

http://packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html

ExploitThird Party AdvisoryVDB Entry

https://github.com/Raj789-sec/CVE-2023-39115

Third Party Advisory

https://www.campcodes.com/projects/php/online-matrimonial-website-system-script-in-php/

Product

https://www.exploit-db.com/exploits/51656

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html

ExploitThird Party AdvisoryVDB Entry

https://github.com/Raj789-sec/CVE-2023-39115

Third Party Advisory

https://www.campcodes.com/projects/php/online-matrimonial-website-system-script-in-php/

Product

https://www.exploit-db.com/exploits/51656

ExploitThird Party AdvisoryVDB Entry

Weaknesses

[email protected]

Primary

CWE-434

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.8 · Critical

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2023-08-16T13:15:11.113Z

2 years ago

Last modified

2024-11-21T07:14:45.650Z

1 year ago