CVE-2024-53481: XSS
First published: Tue Dec 10 2024(Updated: )
A Cross Site Scripting (XSS) vulnerability in the profile.php of PHPGurukul Beauty Parlour Management System v1.1 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "Firstname" and "Last name" parameters.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Project Beauty Beauty Parlour Management System |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-53481?
CVE-2024-53481 is classified as a medium severity Cross Site Scripting (XSS) vulnerability.
How do I fix CVE-2024-53481?
To fix CVE-2024-53481, ensure that proper input validation and sanitization are implemented for the 'Firstname' and 'Last name' parameters.
Who is affected by CVE-2024-53481?
CVE-2024-53481 affects users of PHPGurukul Beauty Parlour Management System version 1.1.
What type of vulnerability is CVE-2024-53481?
CVE-2024-53481 is a Cross Site Scripting (XSS) vulnerability.
Can CVE-2024-53481 allow attackers to execute code?
Yes, CVE-2024-53481 allows remote attackers to execute arbitrary code by injecting HTML into specified parameters.
- agent/references
- agent/first-publish-date
- agent/description
- agent/type
- agent/author
- collector/nvd-api
- source/NVD
- agent/severity
- agent/last-modified-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/phpgurukul
- canonical/project beauty beauty parlour management system