A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=save_student. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used.
History

Mon, 01 Sep 2025 11:15:00 +0000

Type Values Removed Values Added
First Time appeared Sourcecodester
Sourcecodester school Log Management System
CPEs cpe:2.3:a:sourcecodester:school_log_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Sourcecodester
Sourcecodester school Log Management System
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 01 Sep 2025 10:15:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in SourceCodester School Log Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/ajax.php?action=save_student. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-272789 was assigned to this vulnerability. A flaw has been found in SourceCodester/Campcodes School Log Management System 1.0. Affected is an unknown function of the file /admin/ajax.php?action=save_student. Executing manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and may be used.
Title SourceCodester School Log Management System cross site scripting SourceCodester/Campcodes School Log Management System ajax.php cross site scripting
Weaknesses CWE-94
Metrics cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:P/A:N'}

cvssV3_0

{'score': 3.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}

cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 3.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


Wed, 11 Sep 2024 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Oretnom23
Oretnom23 school Log Management System
CPEs cpe:2.3:a:oretnom23:school_log_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Oretnom23
Oretnom23 school Log Management System

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2025-09-01T09:59:14.078Z

Reserved: 2024-07-29T18:21:39.352Z

Link: CVE-2024-7218

cve-icon Vulnrichment

Updated: 2024-08-01T21:52:30.817Z

cve-icon NVD

Status : Modified

Published: 2024-07-30T05:15:10.267

Modified: 2025-09-01T10:15:32.333

Link: CVE-2024-7218

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.