CVE-2024-44798

phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters.
References
Link Resource
https://github.com/shouvikdutta1998/Bus_management Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:anujk305:bus_pass_management_system:1.0:*:*:*:*:*:*:*

History

16 Sep 2024, 13:19

Type Values Removed Values Added
First Time Anujk305 bus Pass Management System
Anujk305
References () https://github.com/shouvikdutta1998/Bus_management - () https://github.com/shouvikdutta1998/Bus_management - Exploit, Third Party Advisory
CPE cpe:2.3:a:anujk305:bus_pass_management_system:1.0:*:*:*:*:*:*:*
Summary
  • (es) phpgurukul Bus Pass Management System 1.0 es vulnerable a Cross-site Scripting (XSS) en /admin/pass-bwdates-reports-details.php a través de los parámetros fromdate y todate.
CVSS v2 : unknown
v3 : 6.3
v2 : unknown
v3 : 4.8

13 Sep 2024, 18:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.3
CWE CWE-79

13 Sep 2024, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-13 16:15

Updated : 2024-09-16 13:19


NVD link : CVE-2024-44798

Mitre link : CVE-2024-44798

CVE.ORG link : CVE-2024-44798


JSON object : View

Products Affected

anujk305

  • bus_pass_management_system
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')