SourceCodester Profile Registration 1.0 add.php Reflected XSS Vulnerability (CVE-2024-9092)

Key Information 1. Vulnerability ID: - VDB-278270 - CVE-2024-9092 2. Vulnerability Name: - SourceCodester Profile Registration without Reload Refresh 1.0 Registration Form Add.php Full_Name Cross Site Scripting 3. CVSS Meta Temp Score: - 3.3 4. Current Vulnerability Price: - $0-$5k 5. CTI Interest Score: - 4.78 6. Vulnerability Description: - This vulnerability exists in the file of SourceCodester Profile Registration without Reload Refresh 1.0, which is part of the Registration Form component. Through an unknown processing mechanism, attackers can exploit the parameter to perform Cross-Site Scripting (XSS). 7. Impact: - The vulnerability affects certain unknown processing mechanisms, leading to Cross-Site Scripting. Attackers can exploit this vulnerability to inject malicious scripts into users' web pages without their knowledge, thereby executing malicious operations. 8. Exploitation: - The vulnerability has been publicly disclosed, and known exploitation methods involve remote attacks. Successful exploitation requires interaction between the user and the attacker. 9. Vulnerability ID: - CVE-2024-9092 10. Vulnerability Type: - T1059.007 (MITRE ATT&CK) 11. Exploitation Tools: - Exploitation tools for this vulnerability can be found on github.com. 12. Affected Scope: - The vulnerability affects users of SourceCodester Profile Registration without Reload Refresh 1.0. 13. Recommended Actions: - It is recommended to replace the affected component or product. Related Links VDB-81806 VDB-83007 VDB-83329 VDB-83613 Additional Information Release Date: - 1997-2024 vuldb.com License: - CC BY-NC-SA

Goal Reached Thanks to every supporter — we hit 100%!

SourceCodester Profile Registration 1.0 add.php Reflected XSS Vulnerability (CVE-2024-9092)