CVE-2024-34230

Sourcecodester Laboratory Management System v1.0 is affected by a cross-site scripting (XSS) vulnerability in the System Information parameter. The root cause is improper handling/sanitization of user-supplied input, allowing attackers to inject arbitrary web scripts or HTML. Impact disclosed in ...

CVE-2024-34231

CVE-2024-34231 affects Sourcecodester Laboratory Management System v1.0 with a cross-site scripting (XSS) flaw exploitable via a crafted payload in the System Short Name parameter. The issue enables attackers to execute arbitrary web scripts or HTML, with CVSSv3.1 base score 7.1 (HIGH) and user i...

CVE-2024-33305

SourceCodester Laboratory Management System 1.0 is affected by a Cross Site Scripting (XSS) vulnerability via the Middle Name parameter in Create User. The issue is documented across multiple sources, with CVE-2024-33305 noting an XSS path and a CVSS v3.1 base score of 6.1 (Network attack vector,...

CVE-2024-33307

SourceCodester Laboratory Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Last Name field in Create User. The root cause is insufficient input validation/escaping in that parameter, enabling script injection. CVSS 3.1 base score 5.4 (Medium) with Network attack vector, l...

CVE-2024-33306

SourceCodester Laboratory Management System 1.0 is affected by Cross Site Scripting (XSS) via the First Name parameter in Create User. CVSS v3.1 base score 7.4 (HIGH) with UI interaction required; impact focused on confidentiality (C:H) while other impacts are not indicated. Root cause: input han...