From b5eee7a1a84b6a9297b3a106d335d1b12785b718 Mon Sep 17 00:00:00 2001 From: Shubham Pandey <56669789+shubham-s-pandey@users.noreply.github.com> Date: Sun, 28 Dec 2025 19:49:23 +0530 Subject: [PATCH] Improve GHSA-mhv9-5hxr-j9mw --- .../GHSA-mhv9-5hxr-j9mw.json | 34 +++++++++++-------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/advisories/unreviewed/2024/03/GHSA-mhv9-5hxr-j9mw/GHSA-mhv9-5hxr-j9mw.json b/advisories/unreviewed/2024/03/GHSA-mhv9-5hxr-j9mw/GHSA-mhv9-5hxr-j9mw.json index 3d6480ea32928..2e9b67df780f0 100644 --- a/advisories/unreviewed/2024/03/GHSA-mhv9-5hxr-j9mw/GHSA-mhv9-5hxr-j9mw.json +++ b/advisories/unreviewed/2024/03/GHSA-mhv9-5hxr-j9mw/GHSA-mhv9-5hxr-j9mw.json @@ -1,11 +1,12 @@ { "schema_version": "1.4.0", "id": "GHSA-mhv9-5hxr-j9mw", - "modified": "2024-08-16T18:30:56Z", + "modified": "2024-08-16T18:30:57Z", "published": "2024-03-02T00:31:31Z", "aliases": [ "CVE-2024-27744" ], + "summary": "CVE-2024-27744", "details": "Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component.", "severity": [ { @@ -13,7 +14,24 @@ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], - "affected": [], + "affected": [ + { + "package": { + "ecosystem": "Packagist", + "name": "" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], "references": [ { "type": "ADVISORY", @@ -26,18 +44,6 @@ { "type": "WEB", "url": "https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html" - }, - { - "type": "WEB", - "url": "http://mayurik.com" - }, - { - "type": "WEB", - "url": "http://www.w3.org/2000/svg" - }, - { - "type": "WEB", - "url": "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" } ], "database_specific": {