A vulnerability, which was classified as problematic, has been found in PHPGurukul Online Banquet Booking System 1.0. Affected by this issue is some unknown functionality of the file /admin/login.php. The manipulation of the argument user_login/userpassword leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
References
Link | Resource |
---|---|
https://drive.google.com/file/d/1CnrQn_-nSWLCUXJrwgrDFyI5D5MOzD-n/view | Exploit |
https://github.com/LagonGit/ReportCVE/issues/2 | Exploit Issue Tracking Third Party Advisory |
https://phpgurukul.com/ | Product |
https://vuldb.com/?ctiid.317054 | Permissions Required VDB Entry |
https://vuldb.com/?id.317054 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.618895 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.618907 | Third Party Advisory VDB Entry |
https://github.com/LagonGit/ReportCVE/issues/2 | Exploit Issue Tracking Third Party Advisory |
Configurations
History
29 Jul 2025, 20:18
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:phpgurukul:online_banquet_booking_system:1.0:*:*:*:*:*:*:* | |
First Time |
Phpgurukul online Banquet Booking System
Phpgurukul |
|
Summary |
|
|
References | () https://drive.google.com/file/d/1CnrQn_-nSWLCUXJrwgrDFyI5D5MOzD-n/view - Exploit | |
References | () https://github.com/LagonGit/ReportCVE/issues/2 - Exploit, Issue Tracking, Third Party Advisory | |
References | () https://phpgurukul.com/ - Product | |
References | () https://vuldb.com/?ctiid.317054 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.317054 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.618895 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.618907 - Third Party Advisory, VDB Entry |
21 Jul 2025, 13:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-07-21 13:15
Updated : 2025-07-29 20:18
NVD link : CVE-2025-7925
Mitre link : CVE-2025-7925
CVE.ORG link : CVE-2025-7925
JSON object : View
Products Affected
phpgurukul
- online_banquet_booking_system