cve/2024/CVE-2024-5385.md

### [CVE-2024-5385](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5385)
![](https://img.shields.io/static/v1?label=Product&message=Online%20Car%20Wash%20Booking%20System&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%201.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-79%20Cross%20Site%20Scripting&color=brighgreen)

### Description

A vulnerability, which was classified as problematic, has been found in oretnom23 Online Car Wash Booking System 1.0. This issue affects some unknown processing of the file /admin/?page=user/list. The manipulation of the argument First Name/Last Name with the input <script>confirm (document.cookie)</script> leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-266303.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds