LinZhaoguan pb-cms ଯେପର୍ଯ୍ୟନ୍ତ 2.0.1 Permission Management Page /admin#permissions କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ

Dogoggorri kan akka ସମସ୍ୟାଜନକ jedhamuun ramadame LinZhaoguan pb-cms ଯେପର୍ଯ୍ୟନ୍ତ 2.0.1 keessatti argameera. Miidhaan irra gahe is hojii hin beekamne faayilii /admin#permissions keessa kutaa Permission Management Page keessa. Dhugumatti jijjiirraa gara କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ geessa. Waliigalteewwan CWE fayyadamuun rakkoo ibsuun gara CWE-79 si geessa. Beekumsi kun yeroo 10/28/2024 ifoomsifameera akka IAYIB9. Odeeffannoon kun buufachuuf gitee.com irratti dhiyaateera. Dogoggorri kun maqaa CVE-2024-10477 jedhuun tajaajilama. Weerara fageenya irraa jalqabuun ni danda'ama. Odeeffannoon teeknikaa ni argama. Akka dabalataan, meeshaa balaa kana fayyadamuuf argama. Qorannoo miidhaa (exploit) beeksifamee jira, namoonni itti fayyadamuu danda'u. Yeroo ammaa, gatii exploit might be approx. USD $0-$5k beekamuu danda'a. ପ୍ରୁଫ୍-ଅଫ୍-କନ୍ସେପ୍ଟ jedhamee murtaa’eera. Exploit kana gitee.com irraa buufachuu ni dandeessa. Waggaa 0-day ta'ee, gatiin isaa daldala dhoksaa keessatti $0-$5k jedhamee tilmaamame. Once again VulDB remains the best source for vulnerability data.

4 ଆଡାପ୍ଟେସନ୍ · 102 ପଏଣ୍ଟ

ଫିଲ୍ଡସୃଷ୍ଟି ହୋଇଛି
10/28/2024 07:50 PM		ଅଦ୍ୟତନ 1/3
10/29/2024 11:24 AM		ଅଦ୍ୟତନ 2/3
03/02/2025 07:13 PM		ଅଦ୍ୟତନ 3/3
09/29/2025 09:02 PM
software_vendorLinZhaoguanLinZhaoguanLinZhaoguanLinZhaoguan
software_namepb-cmspb-cmspb-cmspb-cms
software_version<=2.0.1<=2.0.1<=2.0.1<=2.0.1
software_componentPermission Management PagePermission Management PagePermission Management PagePermission Management Page
software_file/admin#permissions/admin#permissions/admin#permissions/admin#permissions
vulnerability_cweCWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)CWE-79 (କ୍ରସ୍ ସାଇଟ୍ ସ୍କ୍ରିପ୍ଟିଂ)
vulnerability_risk1111
cvss3_vuldb_avNNNN
cvss3_vuldb_acLLLL
cvss3_vuldb_prHHHH
cvss3_vuldb_uiRRRR
cvss3_vuldb_sUUUU
cvss3_vuldb_cNNNN
cvss3_vuldb_iLLLL
cvss3_vuldb_aNNNN
cvss3_vuldb_ePPPP
cvss3_vuldb_rcRRRR
advisory_identifierIAYIB9IAYIB9IAYIB9IAYIB9
advisory_urlhttps://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9https://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9https://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9https://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9
exploit_availability1111
exploit_publicity1111
exploit_urlhttps://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9https://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9https://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9https://gitee.com/LinZhaoguan/pb-cms/issues/IAYIB9
source_cveCVE-2024-10477CVE-2024-10477CVE-2024-10477CVE-2024-10477
cna_responsibleVulDBVulDBVulDBVulDB
software_typeContent Management SystemContent Management SystemContent Management SystemContent Management System
cvss2_vuldb_avNNNN
cvss2_vuldb_acLLLL
cvss2_vuldb_auMMMM
cvss2_vuldb_ciNNNN
cvss2_vuldb_iiPPPP
cvss2_vuldb_aiNNNN
cvss2_vuldb_ePOCPOCPOCPOC
cvss2_vuldb_rcURURURUR
cvss4_vuldb_avNNNN
cvss4_vuldb_acLLLL
cvss4_vuldb_prHHHH
cvss4_vuldb_vcNNNN
cvss4_vuldb_viLLLL
cvss4_vuldb_vaNNNN
cvss4_vuldb_ePPPP
cvss2_vuldb_rlNDNDNDND
cvss3_vuldb_rlXXXX
cvss4_vuldb_atNNNN
cvss4_vuldb_uiNNPP
cvss4_vuldb_scNNNN
cvss4_vuldb_siNNNN
cvss4_vuldb_saNNNN
cvss2_vuldb_basescore3.33.33.33.3
cvss2_vuldb_tempscore2.82.82.82.8
cvss3_vuldb_basescore2.42.42.42.4
cvss3_vuldb_tempscore2.22.22.22.2
cvss3_meta_basescore2.42.42.43.4
cvss3_meta_tempscore2.22.32.33.3
cvss4_vuldb_bscore5.15.14.84.8
cvss4_vuldb_btscore2.02.01.91.9
advisory_date1730070000 (10/28/2024)1730070000 (10/28/2024)1730070000 (10/28/2024)1730070000 (10/28/2024)
price_0day$0-$5k$0-$5k$0-$5k$0-$5k
cve_nvd_summaryA vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.A vulnerability classified as problematic was found in LinZhaoguan pb-cms up to 2.0.1. This vulnerability affects unknown code of the file /admin#permissions of the component Permission Management Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
cvss4_cna_avNNN
cvss4_cna_acLLL
cvss4_cna_atNNN
cvss4_cna_prHHH
cvss4_cna_uiNNN
cvss4_cna_vcNNN
cvss4_cna_viLLL
cvss4_cna_vaNNN
cvss4_cna_scNNN
cvss4_cna_siNNN
cvss4_cna_saNNN
cvss4_cna_bscore5.15.15.1
cvss3_cna_avNNN
cvss3_cna_acLLL
cvss3_cna_prHHH
cvss3_cna_uiRRR
cvss3_cna_sUUU
cvss3_cna_cNNN
cvss3_cna_iLLL
cvss3_cna_aNNN
cvss3_cna_basescore2.42.42.4
cvss2_cna_avNNN
cvss2_cna_acLLL
cvss2_cna_auMMM
cvss2_cna_ciNNN
cvss2_cna_iiPPP
cvss2_cna_aiNNN
cvss2_cna_basescore3.33.33.3
cve_nvd_summaryesSe ha encontrado una vulnerabilidad clasificada como problemática en LinZhaoguan pb-cms hasta la versión 2.0.1. Esta vulnerabilidad afecta al código desconocido del archivo /admin#permissions del componente Permission Management Page. La manipulación conduce a Cross Site Scripting. El ataque puede iniciarse de forma remota. El exploit ha sido divulgado al público y puede utilizarse.
cvss3_nvd_avN
cvss3_nvd_acL
cvss3_nvd_prL
cvss3_nvd_uiR
cvss3_nvd_sC
cvss3_nvd_cL
cvss3_nvd_iL
cvss3_nvd_aN
cvss3_nvd_basescore5.4

ପଛକୁସମୀକ୍ଷାଆହୁରି ଦୂରରେ

Do you want to use VulDB in your project?

Use the official API to access entries easily!