Vulnerability Description
Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the name parameter at /classes/SystemSettings.php?f=update_settings.
CVSS Score
6.1
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Auto Dealer Management System Project | Auto Dealer Management System | 1.0 |
Related Weaknesses (CWE)
References
- http://auto.comNot Applicable
- https://gist.github.com/Flower-fertilizer/a1fb260c02353906f2d2808656dd1559Third Party Advisory
- https://www.sourcecodester.com/php/15371/auto-dealer-management-system-phpoop-frProduct
- http://auto.comNot Applicable
- https://gist.github.com/Flower-fertilizer/a1fb260c02353906f2d2808656dd1559Third Party Advisory
- https://www.sourcecodester.com/php/15371/auto-dealer-management-system-phpoop-frProduct
FAQ
What is CVE-2023-27666?
CVE-2023-27666 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Auto Dealer Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the name parameter at /classes/SystemSettings.php?f=update_settings.
How severe is CVE-2023-27666?
CVE-2023-27666 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-27666?
Check the references section above for vendor advisories and patch information. Affected products include: Auto Dealer Management System Project Auto Dealer Management System.