CVE-2024-7459 — MEDIUM (4.3)

Vulnerability Description

A vulnerability was found in OSWAPP Warehouse Inventory System 1.0/2.0. It has been classified as problematic. Affected is an unknown function of the file /edit_account.php. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-273552.

CVSS Score

4.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Siamonhasan	Warehouse Inventory System	1.0

Related Weaknesses (CWE)

CWE-352

References

https://gist.github.com/topsky979/26ab4dc35349a3f670fb8688c69a5cadExploitThird Party Advisory
https://vuldb.com/?ctiid.273552Permissions RequiredThird Party AdvisoryVDB Entry
https://vuldb.com/?id.273552Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.379590Third Party AdvisoryVDB Entry

FAQ

What is CVE-2024-7459?

CVE-2024-7459 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability was found in OSWAPP Warehouse Inventory System 1.0/2.0. It has been classified as problematic. Affected is an unknown function of the file /edit_account.php. The manipulation leads to ...

How severe is CVE-2024-7459?

CVE-2024-7459 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-7459?

Check the references section above for vendor advisories and patch information. Affected products include: Siamonhasan Warehouse Inventory System.