Cross-site scripting (XSS) vulnerability in search-appointment.php in the Admin Panel in Phpgurukul Beauty Parlour Management System 1.0 allows remote attackers to inject arbitrary web script or HTML via the search input field.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://cyberxtron.com/blog/cve-2024-37798---cross-site-scripting-xss-in-beauty-parlour-management-system--5187 | Exploit Third Party Advisory |
| https://cyberxtron.com/blog/cve-2024-37798---cross-site-scripting-xss-in-beauty-parlour-management-system--5187 | Exploit Third Party Advisory |
| https://owasp.org/www-community/attacks/xss/ | Technical Description |
| https://owasp.org/www-community/attacks/xss/ | Technical Description |
Configurations
History
03 Apr 2025, 00:48
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Phpgurukul beauty Parlour Management System
Phpgurukul |
|
| CPE | cpe:2.3:a:phpgurukul:beauty_parlour_management_system:1.0:*:*:*:*:*:*:* | |
| References | () https://cyberxtron.com/blog/cve-2024-37798---cross-site-scripting-xss-in-beauty-parlour-management-system--5187 - Exploit, Third Party Advisory | |
| References | () https://owasp.org/www-community/attacks/xss/ - Technical Description |
17 Jun 2024, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-06-17 21:15
Updated : 2025-04-03 00:48
NVD link : CVE-2024-37798
Mitre link : CVE-2024-37798
JSON object : View
Products Affected
phpgurukul
- beauty_parlour_management_system
CWE
No CWE.