CVE-2023-3465 LOW

CVE-2023-3465: SimplePHPscripts Classified Ads Script HTTP POST Request user.php cross site scripting

Vendor Simplephpscripts
Product Classified Ads Script
Weakness CWE-79 · XSS
Published June 29, 2023
Last update August 2, 2024
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-232711.

Key dates

02Disclosure timeline

June 29, 2023 CVE published
August 2, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-49314 WordPress BRW plugin <= 1.8.6 - Cross Site Scripting (XSS) Vulnerability CVE-2023-3887 Campcodes Beauty Salon Management System search-appointment.php cross site scripting CVE-2020-37238 CMS Made Simple 2.2.15 Stored XSS via SVG File Upload CVE-2025-52754 WordPress Sello ChannelConnector plugin <= 1.6.3 - Cross Site Scripting (XSS) vulnerability CVE-2024-1157 Bold Page Builder <= 4.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button URL