Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-48170

PHPGurukul Small CRM 3.0 is vulnerable to Cross Site Scripting (XSS) via a crafted payload injected into the name in the profile.php.

Published

2025-02-10T18:15:26.243

Last Modified

2025-02-18T20:15:19.797

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.4 (MEDIUM)

Weaknesses

Type: Primary
CWE-79
Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	phpgurukul	small_crm	3.0	Yes

References

https://medium.com/@jose.inaciot/cve-2024-48170-bee6ccb773d4 Third Party Advisory ([email protected])