PHPGurukul BP Monitoring Management System Add New Family Member add-family-member.php cross site scripting
CVE-2023-1948

6.1MEDIUM

Key Information:

Vendor

PHPGurukul
Status
BP Monitoring Management System
Vendor
CVE Published:
8 April 2023

What is CVE-2023-1948?

A vulnerability, which was classified as problematic, has been found in PHPGurukul BP Monitoring Management System 1.0. This issue affects some unknown processing of the file add-family-member.php of the component Add New Family Member Handler. The manipulation of the argument Member Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-225335.

Affected Version(s)

BP Monitoring Management System 1.0

References

https://vuldb.com/?id.225335
vdb-entrytechnical-description
https://vuldb.com/?ctiid.225335
signaturepermissions-required
https://github.com/vsdwef/BP-Monitoring-Management-System...
exploit

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

carrie.lee (VulDB User)
.