Campcodes Legal Case Management System

Campcodes Legal Case Mgmt Sys 1.0 XSS via new_client arg
CVE-2024-4738 5.4 - Medium - May 14, 2024

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument new_client leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263824.

XSS

Campcodes LCM 1.0 XSS via /admin/vendor (company_name/mobile)
CVE-2024-4737 5.4 - Medium - May 14, 2024

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/vendor. The manipulation of the argument company_name/mobile leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263823.

XSS

Campcodes LCM 1.0 XSS on /admin/tax via name param
CVE-2024-4736 5.4 - Medium - May 14, 2024

A vulnerability was found in Campcodes Legal Case Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/tax. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-263822 is the identifier assigned to this vulnerability.

XSS

Campcodes LCS 1.0 XSS via task_subject in /admin/tasks
CVE-2024-4735 5.4 - Medium - May 14, 2024

A vulnerability has been found in Campcodes Legal Case Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/tasks. The manipulation of the argument task_subject leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263821 was assigned to this vulnerability.

XSS

Campcodes Legal Case Mgmt System 1.0 XSS via /admin/service
CVE-2024-4732 5.4 - Medium - May 14, 2024

A vulnerability, which was classified as problematic, has been found in Campcodes Legal Case Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/service. The manipulation of the argument name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-263810 is the identifier assigned to this vulnerability.

XSS

XSS in Campcodes Legal Case Management System 1.0 via /admin/role
CVE-2024-4731 5.4 - Medium - May 14, 2024

A vulnerability classified as problematic was found in Campcodes Legal Case Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/role. The manipulation of the argument slug leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263809 was assigned to this vulnerability.

XSS

Campcodes Legal Case Mgmt Sys 1.0 XSS in /admin/judge (judge_name)
CVE-2024-4730 5.4 - Medium - May 14, 2024

A vulnerability classified as problematic has been found in Campcodes Legal Case Management System 1.0. Affected is an unknown function of the file /admin/judge. The manipulation of the argument judge_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263808.

XSS

Campcodes LCM 1.0 XSS via /admin/expense-type
CVE-2024-4729 5.4 - Medium - May 14, 2024

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /admin/expense-type. The manipulation of the argument name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263807.

XSS

XSS in Campcodes Legal Case Mgt Sys 1.0 /admin/court (court_name)
CVE-2024-4728 5.4 - Medium - May 14, 2024

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/court. The manipulation of the argument court_name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-263806 is the identifier assigned to this vulnerability.

XSS

Campcodes LCM 1.0 XSS in /admin/court-type via court_name Argument
CVE-2024-4727 5.4 - Medium - May 14, 2024

A vulnerability was found in Campcodes Legal Case Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/court-type. The manipulation of the argument court_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263805 was assigned to this vulnerability.

XSS in Campcodes Legal Case Mgmt 1.0, /admin/clients (pre-1.1)
CVE-2024-4726 5.4 - Medium - May 14, 2024

A vulnerability was found in Campcodes Legal Case Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/clients. The manipulation of the argument f_name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-263804.

XSS

CVE-2024-4725: Campcodes LCM 1.0 XSS via /admin/client_user f_name Remote
CVE-2024-4725 5.4 - Medium - May 14, 2024

A vulnerability has been found in Campcodes Legal Case Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/client_user. The manipulation of the argument f_name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-263803.

XSS

Campcodes Legal Case Management System XSS via /admin/case-type (1.0)
CVE-2024-4724 5.4 - Medium - May 14, 2024

A vulnerability, which was classified as problematic, was found in Campcodes Legal Case Management System 1.0. Affected is an unknown function of the file /admin/case-type. The manipulation of the argument case_type_name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263802 is the identifier assigned to this vulnerability.

XSS

Campcodes Legal Case Mgmt 1.0: Remote XSS via /admin/case-status
CVE-2024-4723 5.4 - Medium - May 14, 2024

A vulnerability, which was classified as problematic, has been found in Campcodes Legal Case Management System 1.0. This issue affects some unknown processing of the file /admin/case-status. The manipulation of the argument case_status leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-263801 was assigned to this vulnerability.

XSS

Campcodes LCM v1.0: Remote Unrestricted Upload via Favicon/Logo in Setting Handler
CVE-2024-4681 7.2 - High - May 14, 2024

A vulnerability, which was classified as critical, was found in Campcodes Legal Case Management System 1.0. Affected is an unknown function of the file /admin/general-setting of the component Setting Handler. The manipulation of the argument favicon/logo leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-263622 is the identifier assigned to this vulnerability.

Unrestricted File Upload