What is CVE-2024-13083 — XSS in PHPGurukul Land Record System?

CVE-2024-13083 is a cross-site scripting (XSS) vulnerability affecting PHPGurukul Land Record System versions 1.0 through 1.0, allowing attackers to inject malicious scripts.

Am I affected by CVE-2024-13083 in PHPGurukul Land Record System?

You are affected if you are running PHPGurukul Land Record System version 1.0. Upgrade to version 1.0.1 to resolve the vulnerability.

How do I fix CVE-2024-13083 in PHPGurukul Land Record System?

Upgrade to version 1.0.1 of PHPGurukul Land Record System. As a temporary workaround, implement input validation and sanitization on the Admin Name field.

Is CVE-2024-13083 being actively exploited?

While there are no confirmed active campaigns, the vulnerability has been publicly disclosed, increasing the risk of exploitation.

Where can I find the official PHPGurukul advisory for CVE-2024-13083?

Refer to the PHPGurukul website or security mailing lists for the official advisory regarding CVE-2024-13083.

CVE-2024-13083 — Vulnerability Details

NEXTGUARD

Escanear grátis

CVE-2024-13083 — Vulnerability Details | NextGuard

Passos de Detecçãotraduzindo…

• php / web:

curl -I 'http://your-land-record-system/admin/admin-profile.php?Admin%20Name=<script>alert(1)</script>' | grep HTTP/1.1

• php / web: Examine /admin/admin-profile.php for unsanitized input handling of the 'Admin Name' parameter. • generic web: Check access logs for unusual requests to /admin/admin-profile.php with suspicious parameters in the Admin Name field.

PHPGurukul Land Record System admin-profile.php cross site scripting

Impacto e Cenários de Ataquetraduzindo…

Contexto de Exploraçãotraduzindo…

Quem Está em Riscotraduzindo…

Passos de Detecçãotraduzindo…

Linha do Tempo do Ataque

Inteligência de Ameaças

Software Afetado

Classificação de Fraqueza (CWE)

Linha do tempo

Mitigação e Soluções Alternativastraduzindo…

Como corrigir

Boletim de Segurança CVE

Perguntas frequentestraduzindo…

What is CVE-2024-13083 — XSS in PHPGurukul Land Record System?

Am I affected by CVE-2024-13083 in PHPGurukul Land Record System?

How do I fix CVE-2024-13083 in PHPGurukul Land Record System?

Is CVE-2024-13083 being actively exploited?

Where can I find the official PHPGurukul advisory for CVE-2024-13083?

Seu projeto está afetado?