User Registration Login And User Management System
CVE-2020-24723
MEDIUM
Severity by source
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1.
AnalysisAI
Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Cross-Site Scripting (XSS) (CWE-79), which allows attackers to inject malicious scripts into web pages viewed by other users. Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1. Affected products include: Phpgurukul User Registration \& Login And User Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Sanitize all user input, use Content-Security-Policy headers, encode output contextually (HTML, JS, URL). Use frameworks with built-in XSS protection.
A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /login
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-res
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allo
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Manag
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Managemen
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Manageme
A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3.
A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System
A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. Rated medium severity
The bwdates-report-result.php file in Phpgurukul User Registration & Login and User Management System 3.1 contains a pot
A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management
Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attacke
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today