Stored Cross-Site Scripting Vulnerability in Phpgurukul Vehicle Record Management System
CVE-2024-51226

6.1MEDIUM

Key Information:

Vendor: Phpgurukul
Status: Vehicle Record Management System
Vendor: CVE Published:; 23 March 2026

What is CVE-2024-51226?

The Vehicle Record Management System by Phpgurukul is susceptible to a stored cross-site scripting (XSS) vulnerability located in its /admin/search-vehicle.php component. This weakness enables attackers to execute arbitrary web scripts or HTML by injecting malicious payloads into the Search parameter, potentially compromising user data and system integrity.

References

https://github.com/Buckdray/vulnerability-research

https://github.com/Buckdray/vulnerability-research/tree/m...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 23, 2026
Vulnerability Reserved
Oct 28, 2024

CVE-2024-51226 Data

JSON