CVE-2024-0781— CodeAstro Internet Banking System pages_client_signup.php redirect
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-0781
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
CodeAstro Internet Banking System pages_client_signup.php redirect
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability, which was classified as problematic, was found in CodeAstro Internet Banking System 1.0. This affects an unknown part of the file pages_client_signup.php. The manipulation of the argument Client Full Name with the input <meta http-equiv="refresh" content="0; url=https://vuldb.com" /> leads to open redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251697 was assigned to this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
指向未可信站点的URL重定向(开放重定向)
Source: NVD (National Vulnerability Database)
Vulnerability Title
CodeAstro Internet Banking System 输入验证错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
CodeAstro Internet Banking System是CodeAstro公司的一个PHP网上银行系统。 CodeAstro Internet Banking System 1.0版本存在输入验证错误漏洞,该漏洞源于pages_client_signup.php 中包含未知部分,使用特定输入通过参数 Client Full Name 会导致重定向。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| CodeAstro | Internet Banking System | 1.0 | - |
II. Public POCs for CVE-2024-0781
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2024-0781
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: Internet Banking System
- CVE-2024-0773
CodeAstro Internet Banking System pages_client_signup.php cr - CVE-2024-0194
CodeAstro Internet Banking System Profile Picture pages_acco - CVE-2023-5699
CodeAstro Internet Banking System pages_view_client.php cros - CVE-2023-5698
CodeAstro Internet Banking System pages_deposit_money.php cr - CVE-2023-5697
CodeAstro Internet Banking System pages_withdraw_money.php c
Same vendor: CodeAstro
- CVE-2026-8231
CodeAstro Online Catering Ordering System deleteorder.php sq - CVE-2026-8132
CodeAstro Leave Management System login.php sql injection - CVE-2026-8097
CodeAstro Online Classroom askquery.php sql injection - CVE-2026-7745
CodeAstro Online Classroom facultydetails sql injection - CVE-2026-7744
CodeAstro Online Classroom addnewstudent sql injection
Same weakness: CWE-601
- CVE-2026-42350
Kargo: Open Redirect in UI OIDC Login Flow via redirectTo Qu - CVE-2026-42195
Unvalidated gitlab URL parameter redirects OAuth authorize s - CVE-2026-3318
Multiple vulnerabilities in Cradle e-commerce - CVE-2026-42259
Saltcorn: Open Redirect in `POST /auth/login` due to incompl - CVE-2026-6795
Open Redirect in DivvyDrive Information Technologies' DivvyD
V. Comments for CVE-2024-0781
No comments yet