A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file /pcci/admin/saveeditt.php of the component Edit Teacher. The manipulation of the argument fname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
History

Mon, 10 Feb 2025 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Argie
Argie online Courseware
CPEs cpe:2.3:a:argie:online_courseware:1.0:*:*:*:*:*:*:*
Vendors & Products Argie
Argie online Courseware

Wed, 29 Jan 2025 02:15:00 +0000

Type Values Removed Values Added
Description A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Affected is an unknown function of the file /pcci/admin/saveeditt.php of the component Edit Teacher. The manipulation of the argument fname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Title SourceCodester Online Courseware Edit Teacher saveeditt.php cross site scripting
Weaknesses CWE-79
CWE-94
References
Metrics cvssV2_0

{'score': 3.3, 'vector': 'AV:N/AC:L/Au:M/C:N/I:P/A:N'}

cvssV3_0

{'score': 2.4, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N'}

cvssV3_1

{'score': 2.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-02-12T19:51:15.855Z

Reserved: 2025-01-28T14:44:13.721Z

Link: CVE-2025-0800

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2025-01-29T02:15:27.373

Modified: 2025-02-10T14:11:58.423

Link: CVE-2025-0800

cve-icon Redhat

No data.