CVE-2024-51031

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

A Cross-site Scripting (XSS) vulnerability in manage_account.php in Sourcecodester Cab Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "First Name," "Middle Name," and "Last Name" fields.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2024-10-28 CVE Reserved
2024-11-08 CVE Published
2024-11-08 CVE Updated
2024-11-08 First Exploit
2024-11-09 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (2)

URL	Tag	Source
https://www.sourcecodester.com/php/15180/cab-management-system-phpoop-free-source-code.html

URL	Date	SRC
https://github.com/vighneshnair7/CVE-2024-51031	2024-11-08

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
-		-				-		-		-