CVE-2024-3089 MEDIUM

CVE-2024-3089: PHPGurukul Emergency Ambulance Hiring Portal Manage Ambulance Page manage-ambulance.php cross-site request forgery

Vendor Phpgurukul
Product Emergency Ambulance Hiring Portal
Weakness CWE-352 · CSRF
Published March 30, 2024
Last update August 1, 2024
View on NVD All CVEs

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/manage-ambulance.php of the component Manage Ambulance Page. The manipulation of the argument del leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-258682 is the identifier assigned to this vulnerability.

Key dates

02Disclosure timeline

March 30, 2024 CVE published
August 1, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2023-27436 WordPress Elegant Custom Fonts Plugin <= 1.0 is vulnerable to Cross Site Request Forgery (CSRF) CVE-2021-3976 Cross-Site Request Forgery (CSRF) in kevinpapst/kimai2 CVE-2025-48078 WordPress Slick Google Map plugin <= 0.3 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability CVE-2025-58250 WordPress Findgo Theme <= 1.3.55 - Cross Site Request Forgery (CSRF) Vulnerability CVE-2025-28884 WordPress WP Bulk Post Duplicator plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability