How severe is CVE-2024-10806?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.8 out of 10.

What type of vulnerability is CVE-2024-10806?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2024-10806 - MEDIUM Severity | CVSS 4.8

Vulnerability Description

A vulnerability was found in PHPGurukul Hospital Management System 4.0. It has been declared as problematic. This vulnerability affects unknown code of the file betweendates-detailsreports.php. The manipulation of the argument fromdate/todate leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2021-29208

MEDIUM

CVSS:4.8(Medium)

A remote dom xss, crlf injection vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity...

CWE-742021

CVE-2021-29209

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-29210

MEDIUM

CVSS:4.8(Medium)

CWE-742021

CVE-2021-30057

MEDIUM

CVSS:4.8(Medium)

A stored HTML injection vulnerability exists in Knowage Suite version 7.1. An attacker can inject arbitrary HTML in "/restful-services/2.0/analyticalDrivers" via the 'LABEL' and 'NAME' parameters.

CWE-742021

CVE-2022-22344

MEDIUM

CVSS:4.8(Medium)

IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct v...

CWE-742022

CVE-2023-4157

MEDIUM

CVSS:4.8(Medium)

CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.

CWE-742023