CVE-2024-3433

MEDIUM Year: 2024
CVSS v3 Score
5.4
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

A vulnerability classified as problematic has been found in PuneethReddyHC Event Management 1.0. Affected is an unknown function of the file /backend/register.php. The manipulation of the argument event_id/full_name/email/mobile/college/branch leads to cross site scripting. It is possible to launch the attack remotely. VDB-259614 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2006-10001

MEDIUM
CVSS:5.4(Medium)

A vulnerability, which was classified as problematic, was found in Subscribe to Comments Plugin up to 2.0.7 on WordPress. This affects an unknown part of the file subscribe-to-comments.php. The manipu...

CWE-792006

CVE-2007-1679

MEDIUM
CVSS:5.4(Medium)

Multiple cross-site scripting (XSS) vulnerabilities in Horde Groupware Webmail 1.0 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors in (1) imp/search.php...

CWE-792007

CVE-2010-10008

MEDIUM
CVSS:5.4(Medium)

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in simplesamlphp simplesamlphp-module-openidprovider up to 0.8.x. It has been declared as problematic. Affected by this vulnerability is an un...

CWE-792010

CVE-2010-3659

MEDIUM
CVSS:5.4(Medium)

Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4, and 4.4.x before 4.4.1 allow remote authenticated backend users to inject...

CWE-792010

CVE-2010-3660

MEDIUM
CVSS:5.4(Medium)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the backend.

CWE-792010

CVE-2010-3665

MEDIUM
CVSS:5.4(Medium)

TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on the Extension Manager.

CWE-792010