CVE-2025-0844

Medium CVSS: 6.9

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file signup.php of the component Registration Page. The manipulation of the argument firstname/lastname/email/borrow/user_address leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Vendor

Needyamin

Product

Library Card System

CWE

CWE-79

Yayın Tarihi

2025-01-30 00:15:41

Güncelleme

2025-02-04 17:17:18

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-79 Library Card System MEDIUM Needyamin 2025

Referanslar

https://vuldb.com/?ctiid.294001 https://vuldb.com/?id.294001 https://vuldb.com/?submit.485558 https://www.websecurityinsights.my.id/2025/01/library-card-system-stored-cross-site.html?m=1

Benzer Kayıtlar

Medium

CVE-2025-1356

A vulnerability was found in needyamin Library Card System 1.0. It has been rated as critical. Affected by this issue is…

Medium

CVE-2025-1355

A vulnerability was found in needyamin Library Card System 1.0. It has been declared as critical. Affected by this vulne…

Medium

CVE-2025-0843

A vulnerability was found in needyamin Library Card System 1.0. It has been classified as critical. Affected is an unkno…

Medium

CVE-2025-0842

A vulnerability was found in needyamin Library Card System 1.0 and classified as critical. This issue affects some unkno…

Medium

CVE-2025-0721

A vulnerability classified as problematic has been found in needyamin image_gallery 1.0. This affects the function image…

Medium

CVE-2025-0722

A vulnerability classified as critical was found in needyamin image_gallery 1.0. This vulnerability affects unknown code…