PHPGurukul Online Banquet Booking System admin-profile.php cross site scripting

5.1 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability classified as problematic was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-7924

Source VulDB

Published Jul 21, 2025 at 11:02

Modified Jul 21, 2025 at 12:17

Affected Product

Vendor PHPGurukul

Product Online Banquet Booking System

Version 1.0

Affected Versions PHPGurukul Online Banquet Booking System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A vulnerability classified as problematic was found in PHPGurukul Online Banquet Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument adminname leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-07-21T11:02:07.605Z",
    "modified": "2025-07-21T12:17:04.737Z",
    "type": "cve",
    "title": "PHPGurukul Online Banquet Booking System admin-profile.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317053\nhttps://vuldb.com/?ctiid.317053\nhttps://vuldb.com/?submit.618882\nhttps://github.com/LagonGit/ReportCVE/issues/1\nhttps://drive.google.com/file/d/1vrvOnw662FZ7CIfhr5EnXPLRqwTRkJqA/view\nhttps://phpgurukul.com/",
    "id": "CVE-2025-7924",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Online Banquet Booking System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Online Banquet Booking System",
    "version": "1.0",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PHPGurukul Online Banquet Booking System admin-profile.php cross site scripting_CVE-2025-7924