5 matches found
CVE-2024-48170
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...
CVE-2024-48170
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...
CVE-2024-48170
creationtimestamp| type| source ---|---|--- 2025-02-10 17:41:08+00:00| seen| https://infosec.exchange/users/cve/statuses/113980818569878994 2025-02-10 18:15:49+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtqte25ux23...
CVE-2024-48170
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting XSS via a crafted payload injected into the name in the profile.php...
CVE-2024-48170
PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name field in profile.php. The vulnerability stems from insufficient filtering/escaping of user data in profile.php. CVSSv3.1 base score is 5.4 (Medium) with Network, Low attack complexity...