{"api_version":"1","generated_at":"2026-05-06T02:36:54+00:00","cve":"CVE-2023-1961","urls":{"html":"https://cve.report/CVE-2023-1961","api":"https://cve.report/api/cve/CVE-2023-1961.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-1961","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-1961"},"summary":{"title":"CVE-2023-1961","description":"A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/?page=system_info. The manipulation of the argument System Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225348.","state":"PUBLIC","assigner":"cna@vuldb.com","published_at":"2023-04-08 12:15:00","updated_at":"2023-11-07 04:05:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"https://github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/Cross%20site%20scripting%20attack%20at%20system%20name%20setting.pdf","name":"https://github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/Cross%20site%20scripting%20attack%20at%20system%20name%20setting.pdf","refsource":"MISC","tags":["Broken Link"],"title":"Online-Computer-and-Laptop-Store/Cross site scripting attack at system name setting.pdf at main · boyi0508/Online-Computer-and-Laptop-Store · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://vuldb.com/?id.225348","name":"https://vuldb.com/?id.225348","refsource":"MISC","tags":["Permissions Required","Third Party Advisory"],"title":"CVE-2023-1961 | SourceCodester Online Computer and Laptop Store cross site scripting","mime":"text/html","httpstatus":"401","archivestatus":"200"},{"url":"https://vuldb.com/?ctiid.225348","name":"https://vuldb.com/?ctiid.225348","refsource":"MISC","tags":["Permissions Required","Third Party Advisory"],"title":"Login required","mime":"text/html","httpstatus":"401","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-1961","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1961","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"1961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"online_computer_and_laptop_store_project","cpe5":"online_computer_and_laptop_store","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"1961","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oretnom23","cpe5":"online_computer_and_laptop_store","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-1961","ASSIGNER":"cna@vuldb.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/?page=system_info. The manipulation of the argument System Name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-225348."},{"lang":"deu","value":"Es wurde eine problematische Schwachstelle in SourceCodester Online Computer and Laptop Store 1.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil der Datei /admin/?page=system_info. Mit der Manipulation des Arguments System Name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-79 Cross Site Scripting","cweId":"CWE-79"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"SourceCodester","product":{"product_data":[{"product_name":"Online Computer and Laptop Store","version":{"version_data":[{"version_affected":"=","version_value":"1.0"}]}}]}}]}},"references":{"reference_data":[{"url":"https://vuldb.com/?id.225348","refsource":"MISC","name":"https://vuldb.com/?id.225348"},{"url":"https://vuldb.com/?ctiid.225348","refsource":"MISC","name":"https://vuldb.com/?ctiid.225348"},{"url":"https://github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/Cross%20site%20scripting%20attack%20at%20system%20name%20setting.pdf","refsource":"MISC","name":"https://github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/Cross%20site%20scripting%20attack%20at%20system%20name%20setting.pdf"}]},"credits":[{"lang":"en","value":"haicheng.zhang (VulDB User)"}],"impact":{"cvss":[{"version":"3.1","baseScore":2.4,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"},{"version":"3.0","baseScore":2.4,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"LOW"},{"version":"2.0","baseScore":3.3,"vectorString":"AV:N/AC:L/Au:M/C:N/I:P/A:N"}]}},"nvd":{"publishedDate":"2023-04-08 12:15:00","lastModifiedDate":"2023-11-07 04:05:00","problem_types":["CWE-79"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":6.1,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.8,"impactScore":2.7}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oretnom23:online_computer_and_laptop_store:1.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}