CVE-2024-2535

CVSS 3.1 Score 3.8 of 10 (low)

Details

Published Mar 17, 2024

Updated: May 17, 2024

CWE ID 89

Summary

CVE-2024-2535 is a newly disclosed vulnerability affecting the MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. The issue lies in the code of the /admin/users.php file, which can be exploited through manipulation of the id argument. This cross-site scripting vulnerability can be triggered remotely, allowing attackers to inject malicious code into unsuspecting users' browsers. Despite early notification, the vendor has not yet responded, leaving the public at risk of exploitation. (VDB-256972)

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

PHPGurukul Zoo Management System

Affected Vendors

Phpgurukul

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/ubj3TL
https://www.cve.org/CVERecord?id=CVE-2024-2535
https://nvd.nist.gov/vuln/detail/CVE-2024-2535

Back to Vulnerability Database