Arbitrary Code Execution via Cross Site Scripting (XSS) in phpgurukul Teacher Subject Allocation Management System 1.0

Arbitrary Code Execution via Cross Site Scripting (XSS) in phpgurukul Teacher Subject Allocation Management System 1.0

CVE-2023-46026 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability in profile.php in phpgurukul Teacher Subject Allocation Management System 1.0 allows attackers to run arbitrary code via the 'adminname' and 'email' parameters.

Learn more about our Web Application Penetration Testing UK.