PHPGurukul Employee Record Management System myprofile.php cross site scripting

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A security vulnerability has been detected in PHPGurukul Employee Record Management System 1.3. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument First name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

Basic Information

ID CVE-2025-11112

Source VulDB

Published Sep 28, 2025 at 17:02

Affected Product

Vendor PHPGurukul

Product Employee Record Management System

Version 1.3

Affected Versions PHPGurukul Employee Record Management System 1.3

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A security vulnerability has been detected in PHPGurukul Employee Record Management System 1.3. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument First name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.",
    "published": "2025-09-28T17:02:07.028Z",
    "modified": "2025-09-28T17:02:07.028Z",
    "type": "cve",
    "title": "PHPGurukul Employee Record Management System myprofile.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.326193\nhttps://vuldb.com/?ctiid.326193\nhttps://vuldb.com/?submit.662498\nhttps://github.com/tiancesec/CVE/issues/2\nhttps://phpgurukul.com/",
    "id": "CVE-2025-11112",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Employee Record Management System 1.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Employee Record Management System",
    "version": "1.3",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PHPGurukul Employee Record Management System myprofile.php cross site scripting_CVE-2025-11112