Cross Site Scripting Vulnerability in PHPGurukul Maid Hiring Management System
CVE-2024-13018

5.1MEDIUM

Key Information:

Vendor
PHPgurukul
Status
Maid Hiring Management System
Vendor
CVE Published:
29 December 2024

Summary

A vulnerability exists in the PHPGurukul Maid Hiring Management System version 1.0 that allows remote attackers to exploit cross site scripting (XSS) by manipulating input fields in the file /admin/profile.php. This can result in unauthorized access or the execution of malicious scripts in the context of the user's browser. Organizations using the affected version are advised to implement security measures to mitigate potential exploitation.

Affected Version(s)

Maid Hiring Management System 1.0

References

https://vuldb.com/?id.289709
vdb-entrytechnical-description
https://vuldb.com/?ctiid.289709
signaturepermissions-required
https://vuldb.com/?submit.470508
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database

Credit

Fergod (VulDB User)
.