CVE-2024-51226
Stored XSS in Phpgurukul Vehicle System /admin/search-vehicle.php
Publication date: 2026-03-23
Last updated on: 2026-03-24
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | vehicle_record_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability impact me? :
This vulnerability can have several impacts including:
- Session hijacking through theft of authentication cookies.
- Credential theft or phishing by injecting malicious content.
- Defacement by altering the appearance or behavior of the web page.
- Information disclosure by silently exfiltrating sensitive admin data.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2024-51226 is a stored cross-site scripting (XSS) vulnerability found in the Phpgurukul Vehicle Record Management System version 1.0, specifically in the /admin/search-vehicle.php page.'}, {'type': 'paragraph', 'content': 'The vulnerability occurs because the searchinputdata POST parameter is directly echoed into the HTML response without any sanitization or output encoding.'}, {'type': 'paragraph', 'content': "This allows an attacker to inject arbitrary JavaScript code that executes in the context of an authenticated admin's browser when they submit a crafted payload via the search form."}] [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing the /admin/search-vehicle.php page for reflected cross-site scripting via the searchinputdata POST parameter.'}, {'type': 'paragraph', 'content': "A simple detection method is to submit a crafted payload such as <script>alert('CVE-2024-51226')</script> in the search form and observe if the script executes in the admin's browser."}, {'type': 'paragraph', 'content': 'For command-line testing, you can use curl to send a POST request with the payload and check the response for the injected script.'}, {'type': 'list_item', 'content': 'curl -X POST -d "Submit=Submit&searchinputdata=<script>alert(\'CVE-2024-51226\')</script>" http://target-site/admin/search-vehicle.php'}, {'type': 'paragraph', 'content': 'If the response contains the injected script without sanitization, the vulnerability is present.'}] [1]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'Immediate mitigation involves applying proper output encoding to the searchinputdata parameter before it is echoed in the HTML response.'}, {'type': 'paragraph', 'content': "Specifically, use PHP's htmlspecialchars() function to sanitize the input as follows:"}, {'type': 'list_item', 'content': "$searchinput = htmlspecialchars($_POST['searchinputdata'], ENT_QUOTES, 'UTF-8');"}, {'type': 'paragraph', 'content': 'Additional security measures include implementing a Content Security Policy (CSP) to restrict inline scripts and enforcing input validation with a whitelist approach, allowing only alphanumeric characters and limited punctuation.'}] [1]