CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40481
https://notcve.org/view.php?id=CVE-2024-40481
08 Aug 2024 — A Stored Cross Site Scripting (XSS) vulnerability was found in "/admin/view-enquiry.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the Contact Us page "message" parameter. • https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/Stored%20XSS.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-40484
https://notcve.org/view.php?id=CVE-2024-40484
08 Aug 2024 — A Reflected Cross Site Scripting (XSS) vulnerability was found in "/oahms/search.php" in PHPGurukul Old Age Home Management System v1.0, which allows remote attackers to execute arbitrary code via the "searchdata" parameter. • https://github.com/takekaramey/CVE_Writeup/blob/main/PHPGurukul/Old%20Age%20Home%20Mgmt%20System%20v1.0/Reflected%20XSS.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 34%CPEs: 1EXPL: 1CVE-2023-33338
https://notcve.org/view.php?id=CVE-2023-33338
23 May 2023 — Old Age Home Management 1.0 is vulnerable to SQL Injection via the username parameter. • https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/ANUJ-KUMAR/Old-Age-Home-Management-2022-2023-1.0 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •