Lucene search

[email protected]NVD:CVE-2023-39115

HistoryAug 16, 2023 - 3:15 p.m.

CVE-2023-39115

2023-08-1615:15:11

CWE-434

[email protected]

web.nvd.nist.gov

cve-2023-39115

install

aiz-uploader

upload

campcodes

online

matrimonial

website

system

script

xss

crafted

svg

document

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.022

Percentile

89.7%

JSON

install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.

Affected configurations

Nvd

Node

campcodescomplete_online_matrimonial_website_system_scriptMatch3.3

VendorProductVersionCPE
campcodescomplete_online_matrimonial_website_system_script3.3cpe:2.3:a:campcodes:complete_online_matrimonial_website_system_script:3.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
campcodes	complete_online_matrimonial_website_system_script	3.3	cpe:2.3:a:campcodes:complete_online_matrimonial_website_system_script:3.3:::::::*

References

packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html

github.com/Raj789-sec/CVE-2023-39115

www.campcodes.com/projects/php/online-matrimonial-website-system-script-in-php/

www.exploit-db.com/exploits/51656

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.9

Confidence

High

EPSS

0.022

Percentile

89.7%

JSON

Related for NVD:CVE-2023-39115

prion1 cve1 exploitdb1 cvelist1 packetstorm1 zdt1