Lucene search

K

AttackerKBAKB:C5FBF733-241B-4D6F-9424-D403969FC060

HistoryAug 16, 2021 - 12:00 a.m.

CVE-2021-38757

2021-08-1600:00:00

attackerkb.com

13

0.001 Low

EPSS

Percentile

42.3%

Persistent cross-site scripting (XSS) in Hospital Management System targeted towards web admin through contact.php.

Recent assessments:

nu11secur1ty at August 17, 2021 2:20pm UTC reported:

XSS-Stored PHPSESSID user PWNED on Hospital Management System Vulnerable parameter “txtMsg” on contact

Reproduce:

<https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2021-38757>

Proof:

<https://streamable.com/6xue3b>

Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 5

References

packetstormsecurity.com/files/163869/Hospital-Management-System-Cross-Site-Scripting.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38757

github.com/kishan0725/Hospital-Management-System/issues/6

0.001 Low

EPSS

Percentile

42.3%

Related for AKB:C5FBF733-241B-4D6F-9424-D403969FC060

cnvd1 nvd1 cve1 packetstorm1 prion1 cvelist1