CVE-2024-11678 | CodeAstro Hospital Management System 1.0 his_doc_register_patient.php cross site scripting

Posted by Angelo Barbosa | Nov 25, 2024 | CVE

A vulnerability was found in CodeAstro Hospital Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /backend/doc/his_doc_register_patient.php. The manipulation of the argument pat_fname/pat_ailment/pat_lname/pat_age/pat_dob/pat_number/pat_phone/pat_type/pat_addr leads to cross site scripting.

This vulnerability was named CVE-2024-11678. The attack can be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-11678 | CodeAstro Hospital Management System 1.0 his_doc_register_patient.php cross site scripting

Related Posts

CVE-2023-6511 | Google Chrome prior 120.0.6099.62 Autofill information disclosure

CVE-2024-8476 | Easy PayPal Events Plugin up to 1.2.1 on WordPress Post cross-site request forgery

CVE-2024-8084 | SourceCodester Online Computer and Laptop Store 1.0 Setting SystemSettings.php System Name cross site scripting

CVE-2023-21751 | Microsoft Azure DevOps Server 2020.1.2/2022 unknown vulnerability