CVE-2024-51222 N/A — Exploit & Vulnerability Details MEDIUM

CVE-2024-51222

MEDIUM CVSS 3.1: 4.8 EPSS 0.03%

Parameter	Value
CVSS	4.8 (MEDIUM)
Type	CWE-79 (Cross-Site Scripting (XSS))
Vendor	N/A
Public PoC	No

A stored cross-site scripting (XSS) vulnerability in the component /admin/profile.php of Phpgurukul Vehicle Record Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter.

Attack Parameters

Attack Vector

Network

Can be exploited remotely

Attack Complexity

Low

Easy to exploit

Privileges Required

High

Admin privileges needed

User Interaction

Required

User action required

Impact Assessment

Confidentiality

Low

Partial data leak

Integrity

Low

Partial data modification

Availability

None

No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-79 Cross-Site Scripting (XSS)

Vulnerable Products 1

Configuration	From (including)	Up to (excluding)
Phpgurukul Vehicle_Record_Management_System cpe:2.3:a:phpgurukul:vehicle_record_management_system:1.0:::::::*	—	—

References 2

https://github.com/Buckdray/vulnerability-research

cve@mitre.org

https://github.com/Buckdray/vulnerability-research/tree/main/CVE-2024-51222

cve@mitre.org

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-4542

N/A

5.3

CVE-2026-4514

PHP

5.3

CVE-2025-58112

N/A

8.8

CVE-2026-30703

N/A

9.8

CVE-2026-30702

N/A

9.8

Menu

CVE-2024-51222

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 2

Related Vulnerabilities

CVE-2026-4542

CVE-2026-4514

CVE-2025-58112

CVE-2026-30703

CVE-2026-30702

CVE Details

Editor's Choice

Menu

CVE-2024-51222

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

Vulnerable Products 1

References 2

Related Vulnerabilities

CVE-2026-4542

CVE-2026-4514

CVE-2025-58112

CVE-2026-30703

CVE-2026-30702

CVE Details

Editor's Choice

Stay informed on cybersecurity