CVE Details
Basic Information
| Title | PHPGurukul Apartment Visitors Management System HTTP POST Request manage-newvisitors.php cross site scripting |
|---|---|
| Type | cve |
| Published | 2025-07-19T09:32:07.509Z |
| Modified | 2025-07-19T09:32:07.509Z |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Apartment Visitors Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 4.8 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A reflected cross-site scripting (XSS) vulnerability in PHPGurukul Apartment Visitors Management System 1.0 allows remote attackers to inject malicious scripts via the visname argument in manage-newvisitors.php. This could lead to session hijacking or unauthorized actions on behalf of the user. |
|---|---|
| AI Severity | Medium |
| AI Vendor | PHPGurukul |
| AI Product | Apartment Visitors Management System |
| AI Version | 1.0 |
Affected Products
- PHPGurukul Apartment Visitors Management System 1.0
Additional Information
| CWE List | CWE-79, CWE-94 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as problematic, has been found in PHPGurukul Apartment Visitors Management System 1.0. This issue affects some unknown processing of the file /manage-newvisitors.php of the component HTTP POST Request Handler. The manipulation of the argument visname leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.