CVE Details
Basic Information
| Title | PHPGurukul Notice Board System Add Notice manage-notices.php cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-06-20T02:31:06.254Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Notice Board System |
| Version | 1.0 |
CVSS Information
| Base Score | 4.8 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A cross-site scripting (XSS) vulnerability exists in the Add Notice feature of PHPGurukul Notice Board System 1.0. This allows remote attackers to inject malicious scripts via the Title or Description fields. The issue is rated Medium severity with a CVSS score of 4.8. |
|---|---|
| AI Severity | Medium |
| Vendor | PHPGurukul |
| Product | Notice Board System |
| Affected Version | 1.0 |
Affected Products
- PHPGurukul Notice Board System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-79, CWE-94 |
| Bulletin Family |
References
Description
A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue affects some unknown processing of the file /admin/manage-notices.php of the component Add Notice. The manipulation of the argument Title/Description leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.