CVE-2024-51107

Multiple stored cross-site scripting (XSS) vulnerabilities in the component /mcgs/admin/contactus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle, pagedes, and email parameters.

CVSS

No CVSS.

References

Link	Resource
https://github.com/0xBhushan/Writeups/blob/main/CVE/phpGurukul/Medical%20Card%20Generation%20System/Stored%20XSS-Contact%20Us.pdf

Configurations

No configuration.

History

23 May 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-23 15:15

Updated : 2025-05-23 15:54

NVD link : CVE-2024-51107

Mitre link : CVE-2024-51107

CVE.ORG link : CVE-2024-51107

JSON object : View

Products Affected

No product.

CWE

No CWE.

JSON object

Attach tags to CVE-2024-51107

Attach tags to `CVE-2024-51107`