PHPGurukul Directory Management System add-directory.php cross site scripting_CVE-2025-9656

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in PHPGurukul Directory Management System 2.0. This vulnerability affects unknown code of the file /admin/add-directory.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.

Basic Information

ID CVE-2025-9656

Source VulDB

Published Aug 29, 2025 at 15:32

Affected Product

Vendor PHPGurukul

Product Directory Management System

Version 2.0

Affected Versions PHPGurukul Directory Management System 2.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in PHPGurukul Directory Management System 2.0. This vulnerability affects unknown code of the file /admin/add-directory.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used.",
    "published": "2025-08-29T15:32:07.263Z",
    "modified": "2025-08-29T15:32:07.263Z",
    "type": "cve",
    "title": "PHPGurukul Directory Management System add-directory.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.321864\nhttps://vuldb.com/?ctiid.321864\nhttps://vuldb.com/?submit.637137\nhttps://github.com/xiguala123/myCVE/issues/10\nhttps://phpgurukul.com/",
    "id": "CVE-2025-9656",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Directory Management System 2.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Directory Management System",
    "version": "2.0",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}