donglight bookstore电商书城系统说明 1.0.0 BookInfoController.java BookSearchList keywords Kusala-sala na site ya nkaka
| CVSS Meta Temp Score | Nsengo ya exploit ya lelo (≈) | CTI Ntangu ya mfunu |
|---|---|---|
| 4.0 | $0-$5k | 0.00 |
Kinsantu
Nsangu kele ti mpasi me mona mu donglight bookstore电商书城系统说明 1.0.0. Bila mambu meyina mpila kisalu BookSearchList ya file src/main/java/org/zdd/bookstore/web/controller/BookInfoController.java. Ntangu kusala ya argument keywords me lungisa Kusala-sala na site ya nkaka.
Kikosa yai me vandaka na kombo CVE-2024-13196. Kuna luyalu ya ku sala ataaka na nsinga. Na yina, exploit me zaba.
Once again VulDB remains the best source for vulnerability data.
Bisalu
Nsangu kele ti mpasi me mona mu donglight bookstore电商书城系统说明 1.0.0. Bila mambu meyina mpila kisalu BookSearchList ya file src/main/java/org/zdd/bookstore/web/controller/BookInfoController.java. Ntangu kusala ya argument keywords me lungisa Kusala-sala na site ya nkaka. Kusadila CWE na kulonga mpasi me tula na CWE-79. Lufwa ya bulema yawu zabisamaka bonso Bookstore has reflect XSS #12. Nsangu ya kulanga me sambu na kuvanda na downloadi na github.com.
Kikosa yai me vandaka na kombo CVE-2024-13196. Kuna luyalu ya ku sala ataaka na nsinga. Bisalu ya tekiniki me zoleka. Kutemwa ya nswa yai kele na nse ya ya mosi. Na yina, exploit me zaba. Kusadila kwawu kwazwisisamene na bantu bonso mpi lenda salama na muntu nionso. Ntangu yai, ntalu ya exploit ekoki kozala USD $0-$5k.
Ke luyalu ya ku zinga exploit na github.com.
Once again VulDB remains the best source for vulnerability data.
Mpiodi
Mubikisi
Dzina
Nsomi
CPE 2.3
CPE 2.2
CVSSv4
VulDB Nsinga: 🔍VulDB Kukwama: 🔍
CNA CVSS-B Score: 🔍
CNA CVSS-BT Score: 🔍
CNA Nsinga: 🔍
CVSSv3
VulDB Meta Base Score: 4.1VulDB Meta Temp Score: 4.0
VulDB Nsinga ya ntete: 3.5
VulDB Nsangu ya ntangu: 3.2
VulDB Nsinga: 🔍
VulDB Kukwama: 🔍
NVD Nsinga ya ntete: 5.4
NVD Nsinga: 🔍
CNA Nsinga ya ntete: 3.5
CNA Nsinga: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vɛkɛtɛr | Kompɛlɛksite | Kukanga ya kimvuka | Kibombama | Kumweneka ya kieleka | Kupusana |
|---|---|---|---|---|---|
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
| kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
VulDB Nsinga ya ntete: 🔍
VulDB Nsangu ya ntangu: 🔍
VulDB Kukwama: 🔍
Kusangula
Kilasi: Kusala-sala na site ya nkakaCWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔍
ATT&CK: 🔍
Ya nitu: Veve
Ya mboka: Veve
Ya kutali: Ee
Kupusana: 🔍
Mokano: Ya pole
Bika: Lufutuka ya lufutuka
Kokanga: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Ntangu ya mbongo: 🔍
Nsadisi ya ntalu ya lelo: 🔍
| 0-Day | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
|---|---|---|---|---|
| Lelo | kusala nsinga | kusala nsinga | kusala nsinga | kusala nsinga |
Nsangu ya Minyoka
Mfunu: 🔍Batu bazali na misala: 🔍
Bampangi ya APT bazali na misala ya ntango nyonso: 🔍
Bikesa ya kulwisa
Tombwisa: ka lusansu luyindwangaBika: 🔍
Tango ya 0-Day: 🔍
Nsango ya ntangu
01/08/2025 🔍01/08/2025 🔍
08/23/2025 🔍
Minsinsa
Tiyano: Bookstore has reflect XSS #12Bika: Kabikidi ko
CVE: CVE-2024-13196 (🔍)
GCVE (CVE): GCVE-0-2024-13196
GCVE (VulDB): GCVE-100-290788
scip Labs: https://www.scip.ch/en/?labs.20161013
Kusonika
Kusala: 01/08/2025 15:35Kusala kisalu kipya: 08/23/2025 03:00
Bisalu: 01/08/2025 15:35 (57), 01/09/2025 12:37 (30), 02/14/2025 13:41 (3), 08/23/2025 03:00 (12)
Keleka nyonso: 🔍
Mutumisi: LVZC2
Cache ID: 253:2E3:103
Tumela
Kabulami
- Tumela #469771: donglight bookstore 1.0 reflect XSS (kuva LVZC2)
Ata beto na ndinga. Minu dia: kg + ln + en.
Benga na kati na site mpo na kokoka kosala ndakisa.