CVE-2023-0527

🗓️ 27 Jan 2023 10:32:39Reported by VulDBType

cve🔗 web.nvd.nist.gov👁 87 Views🌐 WEB

A cross site scripting vulnerability in PHPGurukul Online Security Guards Hiring System 1.0 allows remote attackers to execute arbitrary code via the searchdata parameter

Reporter	Title	Published	Views	Family All 16
0day.today	Online Security Guards Hiring System 1.0 - Reflected XSS Exploit	31 May 202300:00	–	zdt
ATTACKERKB	CVE-2023-39552	4 Aug 202319:15	–	attackerkb
Circl	CVE-2023-0527	27 Jan 202314:34	–	circl
CNNVD	PHPGurukul Online Security Guards Hiring System 跨站脚本漏洞	27 Jan 202300:00	–	cnnvd
CNNVD	编号撤回	14 Jul 202300:00	–	cnnvd
Cvelist	CVE-2023-0527 PHPGurukul Online Security Guards Hiring System search-request.php cross site scripting	27 Jan 202310:32	–	cvelist
Exploit DB	Online Security Guards Hiring System 1.0 - Reflected XSS	31 May 202300:00	–	exploitdb
EUVD	EUVD-2023-12572	3 Oct 202520:07	–	euvd
Nuclei	Online Security Guards Hiring System - Cross-Site Scripting	6 Jun 202603:01	–	nuclei
NVD	CVE-2023-0527	27 Jan 202311:15	–	nvd

NVD

Vulners

Node

online_security_guards_hiring_system_project online_security_guards_hiring_systemMatch1.0

[
  {
    "vendor": "PHPGurukul",
    "product": "Online Security Guards Hiring System",
    "versions": [
      {
        "version": "1.0",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/
github	www.github.com/ctflearner/Vulnerability/blob/main/Online-Security-guard-POC.md

Parameter	Position	Path	Description	CWE
adminname	request body	osghs/admin/admin-profile.php	Reflected XSS via adminname parameter in admin-profile.php	CWE-79
searchdata	request body	osghs/search.php	Reflected XSS via searchdata parameter in search.php	CWE-79
search	request body	osghs/search.php	Reflected XSS via searchdata parameter in search.php	CWE-79

21 Nov 2024 07:37Current

4.7Medium risk

Vulners AI Score4.7

CVSS 3.13.5 - 6.1

CVSS 24

CVSS 33.5

EPSS0.08968

CWE-79