CVE-2023-7173

MEDIUM LAB

Phpgurukul Hospital Management System - XSS

Title source: rule

Description

A vulnerability, which was classified as problematic, was found in PHPGurukul Hospital Management System 1.0. This affects an unknown part of the file registration.php. The manipulation of the argument First Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249357 was assigned to this vulnerability.

Exploits (1)

nomisec WORKING POC 3 stars

by sharathc213 · poc

https://github.com/sharathc213/CVE-2023-7173

View Code ZIP pw:eip

References (4)

Core 4

Core References

Third Party Advisory vdb-entry technical-description

https://vuldb.com/?id.249357

Permissions Required, Third Party Advisory signature permissions-required

https://vuldb.com/?ctiid.249357

Exploit, Third Party Advisory related

https://drive.google.com/file/d/1Mqs0mmxxmKLrFLHekPke5bZnzMHvnrFm/view?usp=sharing

Exploit, Third Party Advisory exploit

https://github.com/sharathc213/CVE-2023-7173

Scores

CVSS v3 4.3

EPSS 0.1142

EPSS Percentile 93.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Lab Environment

COMMUNITY

Community Lab

docker pull mysql:8.0

https://github.com/sharathc213/CVE-2023-7173

View in Library

Details

CWE

CWE-79

Status published

Products (1)

phpgurukul/hospital_management_system 1.0

Published Dec 30, 2023

Tracked Since Feb 18, 2026