PT-2024-20817 · Unknown · Barangay Population Monitoring System

·

CVE-2024-25208

·

Published

2024-02-14

·

Updated

2024-08-01

CVSS v3.1

5.4

Medium

VectorAV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions Barangay Population Monitoring System version 1.0
Description The system contains a cross-site scripting (XSS) vulnerability in the Add Resident function at "/barangay-population-monitoring-system/masterlist.php". This issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name parameter.
Recommendations For Barangay Population Monitoring System version 1.0, consider disabling the Add Resident function at "/barangay-population-monitoring-system/masterlist.php" until a patch is available to prevent exploitation of the XSS vulnerability. Restrict access to the Full Name parameter in the affected function to minimize the risk of arbitrary script execution.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2024-25208

Affected Products

Barangay Population Monitoring System