CVE-2024-51106 | THREATINT

Description

A cross-site scripting (XSS) vulnerability in the component mcgs/admin/aboutus.php of PHPGURUKUL Medical Card Generation System using PHP and MySQL v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the pagetitle parameter.

PUBLISHED Reserved 2024-10-28 | Published 2025-05-19 | Updated 2025-05-19 | Assigner mitre

References

github.com/...Card Generation System/Stored XSS-About Us.pdf

cve.org (CVE-2024-51106)

nvd.nist.gov (CVE-2024-51106)

Download JSON