CVE-2023-6442 LOW

CVE-2023-6442: PHPGurukul Nipah Virus Testing Management System add-phlebotomist.php cross site scripting

Vendor Phpgurukul
Product Nipah Virus Testing Management System
Weakness CWE-79 · XSS
Published November 30, 2023
Last update October 10, 2024
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add-phlebotomist.php. The manipulation of the argument empid/fullname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246445 was assigned to this vulnerability.

Key dates

02Disclosure timeline

November 30, 2023 CVE published
October 10, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-41041 Stored Cross-Site Scripting vulnerability in appRain CMF CVE-2024-53255 Reflected Cross-site Scripting in /admin?page=media via file Parameter in BoidCMS CVE-2026-2714 Institute Management <= 5.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Enquiry Form Title' Setting CVE-2026-42554 Fiber: XSS in AutoFormat Content Negotiation CVE-2025-13963 FX Currency Converter <= 0.2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes