anoncoder01

9 exploits Active since Oct 2024
CVE-2024-46236 WRITEUP MEDIUM WRITEUP
CodeAstro Membership Management System 1.0 - Stored Cross-Site Scripting via Address Parameter
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the address parameter in add_members.php and edit_member.php.
CVSS 5.4
CVE-2024-46237 WRITEUP MEDIUM WRITEUP
PHPGurukul Hospital Management System 4.0 - Stored Cross-Site Scripting via patname, pataddress, and medhis Parameters
PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.
CVSS 5.4
CVE-2024-46238 WRITEUP MEDIUM WRITEUP
PHPGurukul Hospital Management System 4.0 - Stored Cross-Site Scripting via docname Parameter
Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php
CVSS 5.9
CVE-2024-46239 WRITEUP MEDIUM WRITEUP
PHPGurukul Hospital Management System 4.0 - Cross-Site Scripting via docname and adminremark Parameters
Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php.
CVSS 5.9
CVE-2024-46240 WRITEUP MEDIUM WRITEUP
Collabtive 3.1 - Stored Cross-Site Scripting via admin.php Parameters
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file.
CVSS 4.8
CVE-2024-48706 WRITEUP MEDIUM WRITEUP
Collabtive 3.1 - Stored Cross-Site Scripting via Title Parameter in managemessage.php and managetask.php
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively.
CVSS 5.4
CVE-2024-48707 WRITEUP MEDIUM WRITEUP
Collabtive 3.1 - Stored Cross-Site Scripting via Name Parameter in Milestone Management
Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file.
CVSS 5.4
CVE-2024-48708 WRITEUP MEDIUM WRITEUP
Collabtive 3.1 - Stored Cross-Site Scripting via Name Parameter in Tasklist and Admin Actions
Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser.
CVSS 5.4
CVE-2024-48709 WRITEUP MEDIUM WRITEUP
CodeAstro Membership Management System 1.0 - Stored Cross-Site Scripting via membershipType Parameter
CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php
CVSS 5.4