CVE-2024-46237

PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.
Configurations

Configuration 1 (hide)

cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*

History

21 Oct 2024, 19:15

Type Values Removed Values Added
References
  • () https://github.com/anoncoder01/PHP_Gurukul_Hospital_Management_System_XSS/blob/master/vulnerabilities/XSS1.md -

16 Oct 2024, 15:38

Type Values Removed Values Added
References () https://github.com/npemma2/PHP_Gurukul_Hospital_Management_System_XSS - () https://github.com/npemma2/PHP_Gurukul_Hospital_Management_System_XSS - Exploit, Third Party Advisory
First Time Phpgurukul hospital Management System
Phpgurukul
CPE cpe:2.3:a:phpgurukul:hospital_management_system:4.0:*:*:*:*:*:*:*
CWE CWE-79
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

10 Oct 2024, 12:51

Type Values Removed Values Added
Summary
  • (es) PHPGurukul Hospital Management System 4.0 es vulnerable a Cross Site Scripting (XSS) a través de los parámetros patname, pataddress y medhis en doctor/add-patient.php y doctor/edit-patient.php.

09 Oct 2024, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-09 14:15

Updated : 2024-10-22 18:35


NVD link : CVE-2024-46237

Mitre link : CVE-2024-46237

CVE.ORG link : CVE-2024-46237


JSON object : View

Products Affected

phpgurukul

  • hospital_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')