Cross Site Scripting Vulnerability in PHPGurukul Directory Management System 1.0
CVE-2024-5137

4.8MEDIUM

Key Information:

Vendor: PHPGurukul
Status: Directory Management System
Vendor: CVE Published:; 20 May 2024

What is CVE-2024-5137?

A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php of the component Searchbar. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265213 was assigned to this vulnerability.

References

https://vuldb.com/?id.265213

https://vuldb.com/?ctiid.265213

https://vuldb.com/?submit.339123

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 20, 2024