CVE-2024-51106

Medium CVSS: 4.6

A cross-site scripting (XSS) vulnerability in the component mcgs/admin/aboutus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle parameter.

Vendor

Anujk305

Product

Medical Card Generation System

CWE

CWE-79

Yayın Tarihi

2025-05-19 15:15:22

Güncelleme

2025-05-28 01:00:45

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Medical Card Generation System MEDIUM Anujk305 2025

Referanslar

https://github.com/0xBhushan/Writeups/blob/main/CVE/phpGurukul/Medical%20Card%20Generation%20System/Stored%20XSS-About%20Us.pdf

Benzer Kayıtlar

Medium

CVE-2025-50367

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/co…

Medium

CVE-2025-50369

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php)…

Medium

CVE-2025-50370

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php…

Medium

CVE-2025-6613

A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulne…

Medium

CVE-2025-6570

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected…

Medium

CVE-2025-6301

A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue a…