User Registration Login And User Management System
CVE-2024-25202
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary rating from Vendor (mitre) · only source for this CVE.
CVSS VectorVendor: mitre
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar.
AnalysisAI
Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Code Injection (CWE-94), which allows attackers to inject and execute arbitrary code within the application. Cross Site Scripting vulnerability in Phpgurukul User Registration & Login and User Management System 1.0 allows attackers to run arbitrary code via the search bar. Affected products include: Phpgurukul User Registration \& Login And User Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Never evaluate user-controlled input as code. Use sandboxing, disable dangerous functions, apply strict input validation.
A critical vulnerability was found in PHPGurukul User Registration & Login and User Management System V3.3 in the /login
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to SQL Injection in /admin//search-res
SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allo
A SQL Injection vulnerability was found in /password-recovery.php of PHPGurukul User Registration & Login and User Manag
A SQL Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Managemen
A HTML Injection vulnerability was found in /search-result.php of PHPGurukul User Registration & Login and User Manageme
A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3.
A vulnerability classified as critical has been found in PHPGurukul User Registration & Login and User Management System
A vulnerability was found in PHPGurukul User Registration & Login and User Management System 1.0. Rated medium severity
The bwdates-report-result.php file in Phpgurukul User Registration & Login and User Management System 3.1 contains a pot
A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User Registration & Login and User Management
Phpgurukul User Registration & Login and User Management System 3.2 is vulnerable to Cross Site Request Forgery (CSRF) v
Same weakness CWE-94 – Code Injection
View allSame technique Code Injection
View allShare
External POC / Exploit Code
Leaving vuln.today