CVE-2024-13074 MEDIUM

CVE-2024-13074: PHPGurukul Land Record System index.php cross site scripting

Vendor Phpgurukul

Product Land Record System

Weakness CWE-79 · XSS

Published December 31, 2024

Last update December 31, 2024

View on NVD All CVEs

CVSS base score

5.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability classified as problematic has been found in PHPGurukul Land Record System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument searchdata leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

December 31, 2024 CVE published

December 31, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-13074

Related vulnerabilities

04Related CVE

CVE-2024-2347 Astra <= 4.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Display Name CVE-2024-49692 WordPress AffiliateX plugin <= 1.2.9 - Cross Site Scripting (XSS) vulnerability CVE-2026-9109 GPTranslate <= 2.31 - Unauthenticated Stored Cross-Site Scripting via REST API Translation Storage CVE-2026-42338 ip-address: XSS in Address6 HTML-emitting methods CVE-2025-0537 code-projects Car Rental Management System manage-pages.php cross site scripting