CVE Details
Basic Information
| Title | PHPGurukul COVID19 Testing Management System Take Action test-details.php cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-06-19T23:31:06.185Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | COVID19 Testing Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 5.1 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A cross-site scripting (XSS) vulnerability in the Take Action functionality of PHPGurukul COVID19 Testing Management System allows remote attackers to inject malicious scripts via the ‘remark’ argument in test-details.php. This could lead to session hijacking or unauthorized actions. |
|---|---|
| AI Severity | Medium |
| Vendor | PHPGurukul |
| Product | COVID19 Testing Management System |
| Affected Version | 1.0 |
Affected Products
- PHPGurukul COVID19 Testing Management System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79, CWE-94 |
| Bulletin Family |
References
Description
A vulnerability classified as problematic was found in PHPGurukul COVID19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /test-details.php of the component Take Action. The manipulation of the argument remark leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.