CVE-2024-13074

MEDIUM5.3/ 10.0
Share:
Published: December 31, 2024 at 05:15 PM
Modified: April 3, 2025 at 02:52 PM
Source: cna@vuldb.com

Vulnerability Description

A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

CVSS Metrics

Base Score
5.3
Severity
MEDIUM
Vector String
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Weaknesses (CWE)

CWE-79
CWE-94
Source: cna@vuldb.com
CWE-79
Source: nvd@nist.gov

References & Intelligence

https://phpgurukul.com/
Source: cna@vuldb.com
Product
https://vuldb.com/?ctiid.289827
Source: cna@vuldb.com
Permissions RequiredVDB Entry
https://vuldb.com/?id.289827
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.472181
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
https://phpgurukul.com/land-record-system-using-php-and-mysql/#google_vignette
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Product

Related Resources

Browse CVE Database
Search 294,000+ vulnerabilities
CVEs from 2024
View all vulnerabilities this year
CWE Database
Explore weakness categories
Security Writeups
Learn from real-world examples
About 4nuxd
Cybersecurity research & tools
Homepage
Explore more security resources