anoncoder01 - Security Researcher - Exploit Intelligence Platform

CVE-2024-46236 WRITEUP MEDIUM WRITEUP

Codeastro Membership Management System - XSS

CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the address parameter in add_members.php and edit_member.php.

CVSS 5.4

View Code

CVE-2024-46237 WRITEUP MEDIUM WRITEUP

Phpgurukul Hospital Management System - XSS

PHPGurukul Hospital Management System 4.0 is vulnerable to Cross Site Scripting (XSS) via the patname, pataddress, and medhis parameters in doctor/add-patient.php and doctor/edit-patient.php.

CVSS 5.4

View Code

CVE-2024-46238 WRITEUP MEDIUM WRITEUP

Phpgurukul Hospital Management System - XSS

Multiple Cross Site Scripting (XSS) vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /admin/add-doctor.php and /admin/edit-doctor.php

CVSS 5.9

View Code

CVE-2024-46239 WRITEUP MEDIUM WRITEUP

Phpgurukul Hospital Management System - XSS

Multiple cross-site scripting vulnerabilities exist in PHPGurukul Hospital Management System 4.0 via the docname parameter in /doctor/edit-profile.php and adminremark parameter in /admin/query-details.php.

CVSS 5.9

View Code

CVE-2024-46240 WRITEUP MEDIUM WRITEUP

O-dyn Collabtive - XSS

Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under action=system and the company/contact parameters under action=addcust within admin.php file.

CVSS 4.8

View Code

CVE-2024-48706 WRITEUP MEDIUM WRITEUP

O-dyn Collabtive - XSS

Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the title parameter with action=add or action=editform within the (a) managemessage.php file and (b) managetask.php file respectively.

CVSS 5.4

View Code

CVE-2024-48707 WRITEUP MEDIUM WRITEUP

O-dyn Collabtive - XSS

Collabtive 3.1 is vulnerable to Cross-site scripting (XSS) via the name parameter under (a) action=add or action=edit within managemilestone.php file and (b) action=addpro within admin.php file.

CVSS 5.4

View Code

CVE-2024-48708 WRITEUP MEDIUM WRITEUP

O-dyn Collabtive - XSS

Collabtive 3.1 is vulnerable to Cross-Site Scripting (XSS) via the name parameter in (a) file tasklist.php under action = add/edit and in (b) file admin.php under action = adduser/edituser.

CVSS 5.4

View Code

CVE-2024-48709 WRITEUP MEDIUM WRITEUP

Codeastro Membership Management System - XSS

CodeAstro Membership Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via the membershipType parameter in edit_type.php

CVSS 5.4

View Code