CVE-2024-10199

Name of the Vulnerable Software and Affected Versions code-projects Pharmacy Management System version 1.0

Description A problem was discovered in the Pharmacy Management System, affecting some unknown functionality of the file /manage medicine.php of the component Manage Medicines Page. The manipulation of the argument name, address, doctor address, or suppliers name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For code-projects Pharmacy Management System version 1.0, consider disabling access to the /manage medicine.php file until a patch is available. Restrict the use of the arguments name, address, doctor address, and suppliers name in the Manage Medicines Page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.