PHPGurukul Cyber Cafe Management System POST Parameter search.php cross site...

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in PHPGurukul Cyber Cafe Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php of the component POST Parameter Handler. Executing manipulation of the argument searchdata can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.

Basic Information

ID CVE-2025-11390

Source VulDB

Published Oct 7, 2025 at 12:02

Affected Product

Vendor PHPGurukul

Product Cyber Cafe Management System

Version 1.0

Affected Versions PHPGurukul Cyber Cafe Management System 1.0

CWE Classification

CWE-79 CWE-94

References

{
    "lastseen": "",
    "description": "A weakness has been identified in PHPGurukul Cyber Cafe Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php of the component POST Parameter Handler. Executing manipulation of the argument searchdata can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.",
    "published": "2025-10-07T12:02:06.552Z",
    "modified": "2025-10-07T12:02:06.552Z",
    "type": "cve",
    "title": "PHPGurukul Cyber Cafe Management System POST Parameter search.php cross site scripting",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.327317\nhttps://vuldb.com/?ctiid.327317\nhttps://vuldb.com/?submit.664984\nhttps://github.com/QIU-DIE/CVE/issues/4\nhttps://phpgurukul.com/",
    "id": "CVE-2025-11390",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79",
        "CWE-94"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Cyber Cafe Management System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Cyber Cafe Management System",
    "version": "1.0",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PHPGurukul Cyber Cafe Management System POST Parameter search.php cross site scripting_CVE-2025-11390