CVE-2024-37798

Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field.
Configurations

No configuration.

History

21 Nov 2024, 09:24

Type Values Removed Values Added
References () https://cyberxtron.com/blog/cve-2024-37798---cross-site-scripting-xss-in-beauty-parlour-management-system--5187 - () https://cyberxtron.com/blog/cve-2024-37798---cross-site-scripting-xss-in-beauty-parlour-management-system--5187 -
References () https://owasp.org/www-community/attacks/xss/ - () https://owasp.org/www-community/attacks/xss/ -

01 Aug 2024, 13:54

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.9
CWE CWE-79

20 Jun 2024, 12:44

Type Values Removed Values Added
Summary
  • (es) Vulnerabilidad de Cross-site scripting (XSS) en search-appointment.php en el Panel de administración de Phpgurukul Beauty Parlor Management System 1.0 permite a atacantes remotos inyectar scripts web o HTML arbitrarios a través del campo de entrada de búsqueda.

17 Jun 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-17 21:15

Updated : 2024-11-21 09:24


NVD link : CVE-2024-37798

Mitre link : CVE-2024-37798

CVE.ORG link : CVE-2024-37798


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')