CVE-2024-3086 – PHPGurukul Emergency Ambulance Hiring Portal Ambulance Tracking Page ambulance-tracking.php cross site scripting
https://notcve.org/view.php?id=CVE-2024-3086
A vulnerability classified as problematic was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file ambulance-tracking.php of the component Ambulance Tracking Page. The manipulation of the argument searchdata leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. • https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_rxss.md https://vuldb.com/?ctiid.258679 https://vuldb.com/?id.258679 https://vuldb.com/?submit.306960 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-3085 – PHPGurukul Emergency Ambulance Hiring Portal Admin Login Page login.php sql injection
https://notcve.org/view.php?id=CVE-2024-3085
A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login Page. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. • https://github.com/chebuya/CVE-2024-30850-chaos-rat-rce-poc https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_sqli.md https://vuldb.com/?ctiid.258678 https://vuldb.com/?id.258678 https://vuldb.com/?submit.306958 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2024-3084 – PHPGurukul Emergency Ambulance Hiring Portal Hire an Ambulance Page cross site scripting
https://notcve.org/view.php?id=CVE-2024-3084
A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Hire an Ambulance Page. The manipulation of the argument Patient Name/Relative Name/Relative Phone Number/City/State/Message leads to cross site scripting. The attack may be initiated remotely. • https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_sxss.md https://vuldb.com/?ctiid.258677 https://vuldb.com/?id.258677 https://vuldb.com/?submit.306957 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •