Skip to main content

Maid Hiring Management System CVE-2023-37690

MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2023-08-08 cve@mitre.org
4.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.8 MEDIUM
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Aug 08, 2023 - 12:15 nvd
MEDIUM 4.8

DescriptionNVD

Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page.

AnalysisAI

Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page. Affected products include: Phpgurukul Maid Hiring Management System.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.

CVE-2024-13023 MEDIUM POC
5.1 Dec 29

A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. Rated medi

CVE-2023-37689 MEDIUM POC
4.8 Aug 08

Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Booking Request page.

CVE-2023-37688 MEDIUM POC
4.8 Aug 08

Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Admin page. Rated medi

CVE-2023-37746 MEDIUM
6.1 Jul 13

A cross-site scripting (XSS) vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary w

CVE-2023-37745 MEDIUM
6.1 Jul 13

A cross-site scripting (XSS) vulnerability in Maid Hiring Management System v1.0 allows attackers to execute arbitrary w

CVE-2023-37744 MEDIUM
6.1 Jul 13

Maid Hiring Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the componen

CVE-2024-13016 MEDIUM
5.3 Dec 29

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. Rated medium severity (CVSS 5.3), this vulner

CVE-2024-13014 MEDIUM
5.3 Dec 29

A vulnerability has been found in PHPGurukul Maid Hiring Management System 1.0 and classified as critical. Rated medium

CVE-2024-13018 MEDIUM
5.1 Dec 29

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. Rated medium severity (CVSS 5.1), this vulner

CVE-2024-13017 MEDIUM
5.1 Dec 29

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0. Rated medium severity (CVSS 5.1), this vulner

CVE-2024-13015 MEDIUM
5.1 Dec 29

A vulnerability was found in PHPGurukul Maid Hiring Management System 1.0 and classified as problematic. Rated medium se

CVE-2024-13013 MEDIUM
5.1 Dec 29

A vulnerability, which was classified as problematic, was found in PHPGurukul Maid Hiring Management System 1.0. Rated m

Share

CVE-2023-37690 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy