CVE-2024-5137Cross-site Scripting in Directory Management System

CWE-79Cross-site Scripting3 documents3 sources
Severity
5.1MEDIUMNVD
EPSS
0.1%
top 83.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul Directory Management System
Timeline
PublishedMay 20

Description

A vulnerability classified as problematic was found in PHPGurukul Directory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php of the component Searchbar. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-265213 was assigned to this vulnerability.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
PHPGurukul Directory Management System Searchbar admin-profile.php cross site scripting2024-05-20
GHSA
GHSA-m9g5-934r-727r: A vulnerability classified as problematic was found in PHPGurukul Directory Management System 12024-05-20
CVE-2024-5137 — Cross-site Scripting | cvebase