CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-48703
https://notcve.org/view.php?id=CVE-2024-48703
06 Dec 2024 — PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/search-medicalcard.php via the searchdata parameter. • https://github.com/0xBhushan/Writeups/blob/main/CVE/phpGurukul/Medical%20Card%20Generation%20System/Reflected%20Cross-Site%20Scripting%20%28XSS%29-Search.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2024-44798
https://notcve.org/view.php?id=CVE-2024-44798
13 Sep 2024 — phpgurukul Bus Pass Management System 1.0 is vulnerable to Cross-site scripting (XSS) in /admin/pass-bwdates-reports-details.php via fromdate and todate parameters. • https://github.com/shouvikdutta1998/Bus_management • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5305 – Online Banquet Booking System Contact Us Page mail.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-5305
30 Sep 2023 — A vulnerability was found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /mail.php of the component Contact Us Page. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-240944. • https://vuldb.com/?ctiid.240944 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-5304 – Online Banquet Booking System Service Booking book-services.php cross site scripting
https://notcve.org/view.php?id=CVE-2023-5304
30 Sep 2023 — A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-240943. • https://vuldb.com/?ctiid.240943 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •