CVE-2024-11675 | CodeAstro Hospital Management System 1.0 Add Patient Details Page his_admin_register_patient.php cross site scripting

A vulnerability has been found in CodeAstro Hospital Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /backend/admin/his_admin_register_patient.php of the component Add Patient Details Page. The manipulation of the argument pat_fname/pat_ailment/pat_lname/pat_age/pat_dob/pat_number/pat_phone/pat_type/pat_addr leads to cross site scripting.

This vulnerability is known as CVE-2024-11675. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-11675 | CodeAstro Hospital Management System 1.0 Add Patient Details Page his_admin_register_patient.php cross site scripting

Post correlati

CVE-2024-3226 | Campcodes Online Patient Record Management System 1.0 /admin/login.php password sql injection

CVE-2022-40700 | PHPFreeChat Plugin on WordPress server-side request forgery

VDB-267981 | Amazon Q for Business Prompt injection

CVE-2024-53716 | overtrue wp Auto Top Plugin up to 2.9.3 on WordPress cross-site request forgery