{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-5374","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-05-25T06:17:01.958Z","datePublished":"2024-05-26T19:31:03.468Z","dateUpdated":"2024-08-01T21:11:12.483Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-05-26T19:31:03.468Z"},"title":"Kashipara College Management System submit_new_faculty.php cross site scripting","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-79","lang":"en","description":"CWE-79 Cross Site Scripting"}]}],"affected":[{"vendor":"Kashipara","product":"College Management System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as problematic, was found in Kashipara College Management System 1.0. Affected is an unknown function of the file submit_new_faculty.php. The manipulation of the argument address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266286 is the identifier assigned to this vulnerability."},{"lang":"de","value":"Es wurde eine Schwachstelle in Kashipara College Management System 1.0 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei submit_new_faculty.php. Durch das Beeinflussen des Arguments address mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":5.3,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":3.5,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV3_0":{"version":"3.0","baseScore":3.5,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"}},{"cvssV2_0":{"version":"2.0","baseScore":4,"vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N"}}],"timeline":[{"time":"2024-05-25T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-05-25T02:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-05-25T08:22:24.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.266286","name":"VDB-266286 | Kashipara College Management System submit_new_faculty.php cross site scripting","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.266286","name":"VDB-266286 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.343454","name":"Submit #343454 | Kashipara College Management System ≤1.0 XSS injection","tags":["third-party-advisory"]},{"url":"https://github.com/E1CHO/cve_hub/blob/main/College%20Management%20System%20-%20xss/College%20Management%20System%20-%20vuln%208.pdf","tags":["exploit"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-18T18:41:08.161303Z","id":"CVE-2024-5374","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-18T18:41:18.505Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T21:11:12.483Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.266286","name":"VDB-266286 | Kashipara College Management System submit_new_faculty.php cross site scripting","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.266286","name":"VDB-266286 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required","x_transferred"]},{"url":"https://vuldb.com/?submit.343454","name":"Submit #343454 | Kashipara College Management System ≤1.0 XSS injection","tags":["third-party-advisory","x_transferred"]},{"url":"https://github.com/E1CHO/cve_hub/blob/main/College%20Management%20System%20-%20xss/College%20Management%20System%20-%20vuln%208.pdf","tags":["exploit","x_transferred"]}]}]}}