{"id":7049,"date":"2025-06-20T00:03:40","date_gmt":"2025-06-20T00:03:40","guid":{"rendered":"http:\/\/localhost\/?p=7049"},"modified":"2025-06-20T00:03:40","modified_gmt":"2025-06-20T00:03:40","slug":"phpgurukul-notice-board-system-add-notice-manage-noticesphp-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7049","title":{"rendered":"PHPGurukul Notice Board System Add Notice manage-notices.php cross site scripting"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nPHPGurukul Notice Board System Add Notice manage-notices.php cross site scripting<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-06-20T02:31:06.254Z<\/td>\n<\/tr>\n
Last Seen<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nNotice Board System<\/td>\n<\/tr>\n
Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n\n\n\n
Base Score<\/th>\n4.8 (MEDIUM)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:4.0\/AV:N\/AC:L\/AT:N\/PR:H\/UI:P\/VC:N\/VI:L\/VA:N\/SC:N\/SI:N\/SA:N\/E:P<\/td>\n<\/tr>\n
Confidentiality Impact<\/th>\n<\/td>\n<\/tr>\n
Integrity Impact<\/th>\n<\/td>\n<\/tr>\n
Availability Impact<\/th>\n<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nA cross-site scripting (XSS) vulnerability exists in the Add Notice feature of PHPGurukul Notice Board System 1.0. This allows remote attackers to inject malicious scripts via the Title or Description fields. The issue is rated Medium severity with a CVSS score of 4.8.<\/td>\n<\/tr>\n
AI Severity<\/th>\nMedium<\/td>\n<\/tr>\n
Vendor<\/th>\nPHPGurukul<\/td>\n<\/tr>\n
Product<\/th>\nNotice Board System<\/td>\n<\/tr>\n
Affected Version<\/th>\n1.0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n