← Voltar para CVEs

CVE-2025-9755

MEDIUM

4.3

Descricao

A vulnerability has been found in Khanakag-17 Library Management System up to 60ed174506094dcd166e34904a54288e5d10ff24. This affects an unknown function of the file /index.php. The manipulation of the argument msg leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided.

Detalhes CVE

Pontuacao CVSS v3.14.3

SeveridadeMEDIUM

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosNONE

Interacao do usuarioREQUIRED

Publicado9/1/2025

Ultima modificacao9/5/2025

Fontenvd

Avistamentos honeypot0

Produtos afetados

khanakag-17:library_management_system

Fraquezas (CWE)

CWE-79CWE-94CWE-79

Referencias

https://gist.github.com/0xSebin/147e7f57daf7f270d957927892b0a51d(cna@vuldb.com)

https://vuldb.com/?ctiid.322056(cna@vuldb.com)

https://vuldb.com/?id.322056(cna@vuldb.com)

https://vuldb.com/?submit.640660(cna@vuldb.com)

https://gist.github.com/0xSebin/147e7f57daf7f270d957927892b0a51d(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.