A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /update_medicine.php. The manipulation of the argument medicine_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
History

Mon, 19 Aug 2024 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Oretnom23 clinic\'s Patient Management System
CPEs cpe:2.3:a:oretnom23:clinics_patient_management_system:1.0:*:*:*:*:*:*:* cpe:2.3:a:oretnom23:clinic\'s_patient_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Oretnom23 clinics Patient Management System
Oretnom23 clinic\'s Patient Management System

Thu, 15 Aug 2024 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Oretnom23
Oretnom23 clinics Patient Management System
CPEs cpe:2.3:a:oretnom23:clinics_patient_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Oretnom23
Oretnom23 clinics Patient Management System

Wed, 14 Aug 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Sourcecodester
Sourcecodester clinics Patient Management System
CPEs cpe:2.3:a:sourcecodester:clinics_patient_management_system:1.0:*:*:*:*:*:*:*
Vendors & Products Sourcecodester
Sourcecodester clinics Patient Management System
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 13 Aug 2024 23:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /update_medicine.php. The manipulation of the argument medicine_name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Title SourceCodester Clinics Patient Management System update_medicine.php cross site scripting
Weaknesses CWE-79
References
Metrics cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:P/A:N'}

cvssV3_0

{'score': 3.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-08-13T23:31:04.364Z

Updated: 2024-08-14T13:37:18.924Z

Reserved: 2024-08-13T16:12:24.554Z

Link: CVE-2024-7752

cve-icon Vulnrichment

Updated: 2024-08-14T13:37:10.868Z

cve-icon NVD

Status : Analyzed

Published: 2024-08-14T00:15:08.433

Modified: 2024-08-19T17:48:25.793

Link: CVE-2024-7752

cve-icon Redhat

No data.