Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field.
References
Configurations
No configuration.
History
21 Nov 2024, 09:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://cyberxtron.com/blog/cve-2024-37798---cross-site-scripting-xss-in-beauty-parlour-management-system--5187 - | |
References | () https://owasp.org/www-community/attacks/xss/ - |
01 Aug 2024, 13:54
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
CWE | CWE-79 |
20 Jun 2024, 12:44
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
17 Jun 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-06-17 21:15
Updated : 2024-11-21 09:24
NVD link : CVE-2024-37798
Mitre link : CVE-2024-37798
CVE.ORG link : CVE-2024-37798
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')