exploitDog

CVE-2024-48279

Опубликовано: 15 окт. 2024

Источник: nvd

CVSS3: 7.6

EPSS Низкий

Описание

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request.

Ссылки

https://github.com/m14r41/Writeups/blob/main/CVE/phpGurukul/User%20Registration%20%26%20Login%20and%20User%20Management%20System%20With%20admin%20panel/HTML%20Injection%20-%20Search.md
Exploit
Mitigation
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:user_registration_\&_login_and_user_management_system:3.2:*:*:*:*:*:*:*

EPSS

Процентиль: 73%

0.00763

Низкий

7.6 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-vgrm-w974-j729

CVSS3: 7.6

github

больше 1 года назад

A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Management System 3.2. This vulnerability allows remote attackers to execute arbitrary HTML code via the searchkey parameter in a POST HTTP request.

EPSS

Процентиль: 73%

0.00763

Низкий

7.6 High

CVSS3

Дефекты

CWE-94