CVE-2024-12353

CWE-20Improper Input Validation3 documents3 sources
Severity
4.8MEDIUM
EPSS
0.1%
top 80.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Sourcecodester Phone Contact Manager SystemRazormist Phone Contact Manager System
Timeline
PublishedDec 9

Description

A vulnerability, which was classified as problematic, has been found in SourceCodester Phone Contact Manager System 1.0. This issue affects the function UserInterface::MenuDisplayStart of the component User Menu. The manipulation of the argument name leads to improper input validation. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
SourceCodester Phone Contact Manager System User Menu MenuDisplayStart input validation2024-12-09
GHSA
GHSA-5985-x66x-p86v: A vulnerability, which was classified as problematic, has been found in SourceCodester Phone Contact Manager System 12024-12-09
CVE-2024-12353 (MEDIUM CVSS 4.8) | A vulnerability | cvebase.io