CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-30989

Cross Site Scripting vulnerability in /edit-client-details.php of phpgurukul Client Management System using PHP & MySQL 1.1 allows attackers to execute arbitrary code via the "cname", "comname", "state" and "city" parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 47.9%

CVSS Severity

CVSS v3 Score 5.4

References

https://medium.com/%40shanunirwan/cve-2024-30989-multiple-stored-cross-site-scripting-vulnerabilities-in-client-management-system-3cfa1c54e4a6
https://medium.com/%40shanunirwan/cve-2024-30989-multiple-stored-cross-site-scripting-vulnerabilities-in-client-management-system-3cfa1c54e4a6

Products affected by CVE-2024-30989

Phpgurukul » Client Management System » Version: 1.1

cpe:2.3:a:phpgurukul:client_management_system:1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-30989

Products

Pricing

Contact Us