CVE-2024-13077

CWE-79Cross-site Scripting (XSS)CWE-94Code Injection3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 68.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul Land Record System
Timeline
PublishedDec 31

Description

A vulnerability, which was classified as problematic, was found in PHPGurukul Land Record System 1.0. Affected is an unknown function of the file /admin/add-property.php. The manipulation of the argument Land Subtype leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
PHPGurukul Land Record System add-property.php cross site scripting2024-12-31
GHSA
GHSA-h366-2rx9-rhh8: A vulnerability, which was classified as problematic, was found in PHPGurukul Land Record System 12024-12-31
CVE-2024-13077 (MEDIUM CVSS 5.3) | A vulnerability | cvebase.io