Vulnerability Database

313,359

Total vulnerabilities in the database

CVE-2024-34469

Rukovoditel before 3.5.3 allows XSS via user_photo to index.php?module=users/registration&action=save.

  • Published: May 4, 2024
  • Updated: Nov 16, 2025
  • CVE: CVE-2024-34469
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

CWEs:

OWASP TOP 10:

Software From Fixed in
rukovoditel / rukovoditel - 3.5.3