{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-3084","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2024-03-29T14:27:01.981Z","datePublished":"2024-03-30T07:31:04.348Z","dateUpdated":"2024-08-01T19:32:42.624Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2024-03-30T07:31:04.348Z"},"title":"PHPGurukul Emergency Ambulance Hiring Portal Hire an Ambulance Page cross site scripting","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-79","lang":"en","description":"CWE-79 Cross Site Scripting"}]}],"affected":[{"vendor":"PHPGurukul","product":"Emergency Ambulance Hiring Portal","versions":[{"version":"1.0","status":"affected"}],"modules":["Hire an Ambulance Page"]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been rated as problematic. This issue affects some unknown processing of the component Hire an Ambulance Page. The manipulation of the argument Patient Name/Relative Name/Relative Phone Number/City/State/Message leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-258677 was assigned to this vulnerability."},{"lang":"de","value":"Eine Schwachstelle wurde in PHPGurukul Emergency Ambulance Hiring Portal 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Komponente Hire an Ambulance Page. Dank Manipulation des Arguments Patient Name/Relative Name/Relative Phone Number/City/State/Message mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk passieren. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV3_1":{"version":"3.1","baseScore":4.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":4.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5,"vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}}],"timeline":[{"time":"2024-03-29T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2024-03-29T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2024-03-29T15:32:32.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"dhabaleshwar (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.258677","name":"VDB-258677 | PHPGurukul Emergency Ambulance Hiring Portal Hire an Ambulance Page cross site scripting","tags":["vdb-entry","technical-description"]},{"url":"https://vuldb.com/?ctiid.258677","name":"VDB-258677 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.306957","name":"Submit #306957 | PHPGurukul Emergency Ambulance Hiring Portal 1.0 Cross Site Scripting","tags":["third-party-advisory"]},{"url":"https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_sxss.md","tags":["exploit"]}]},"adp":[{"affected":[{"vendor":"phpgurukul","product":"emergency_ambulance_hiring_portal","cpes":["cpe:2.3:a:phpgurukul:emergency_ambulance_hiring_portal:1.0:*:*:*:*:*:*:*"],"defaultStatus":"unknown","versions":[{"version":"1.0","status":"affected"}]}],"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-07-12T15:09:26.747242Z","id":"CVE-2024-3084","options":[{"Exploitation":"poc"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-12T18:14:38.183Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-01T19:32:42.624Z"},"title":"CVE Program Container","references":[{"url":"https://vuldb.com/?id.258677","name":"VDB-258677 | PHPGurukul Emergency Ambulance Hiring Portal Hire an Ambulance Page cross site scripting","tags":["vdb-entry","technical-description","x_transferred"]},{"url":"https://vuldb.com/?ctiid.258677","name":"VDB-258677 | CTI Indicators (IOB, IOC, TTP, IOA)","tags":["signature","permissions-required","x_transferred"]},{"url":"https://vuldb.com/?submit.306957","name":"Submit #306957 | PHPGurukul Emergency Ambulance Hiring Portal 1.0 Cross Site Scripting","tags":["third-party-advisory","x_transferred"]},{"url":"https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_sxss.md","tags":["exploit","x_transferred"]}]}]}}