How severe is CVE-2024-2355?

This vulnerability has a severity rating of LOW with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2024-2355?

This is classified as CWE-540, which is a common weakness in software security.

CVE-2024-2355 - LOW Severity | CVSS 3.7

Vulnerability Description

A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /secret_coder.sql. The manipulation leads to inclusion of sensitive information in source code. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2024-27257

MEDIUM

CVSS:4.3(Medium)

IBM OpenPages 8.3 and 9.0 potentially exposes information about client-side source code through use of JavaScript source maps to unauthorized users.

CWE-5402024

CVE-2024-39729

MEDIUM

CVSS:4.3(Medium)

IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system....

CWE-5402024

CVE-2023-35013

MEDIUM

CVSS:4.4(Medium)

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.

CWE-5402023

CVE-2021-34744

MEDIUM

CVSS:4.9(Medium)

Multiple vulnerabilities in Cisco Business 220 Series Smart Switches firmware could allow an attacker with Administrator privileges to access sensitive login credentials or reconfigure the passwords o...

CWE-5402021

CVE-2023-23448

MEDIUM

CVSS:5.3(Medium)

Inclusion of Sensitive Information in Source Code in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain informati...

CWE-5402023

CVE-2023-30802

MEDIUM

CVSS:5.3(Medium)

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTT...

CWE-5402023