PT-2024-20815 · Unknown · Phpgurukul User Registration & Login/User Management System

Agampreet-Singh

Published

2024-02-28

Updated

2024-08-01

CVE-2024-25202

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Phpgurukul User Registration & Login and User Management System version 1.0

Description The issue allows attackers to run arbitrary code via the search bar, which is a Cross Site Scripting vulnerability. This enables attackers to execute arbitrary code.

Recommendations For Phpgurukul User Registration & Login and User Management System version 1.0, consider disabling the search bar functionality until a patch is available to prevent exploitation. Restrict access to the search bar to minimize the risk of arbitrary code execution.

Exploit

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2024-25202

Affected Products

Phpgurukul User Registration & Login/User Management System

CVE-2024-25202

Weakness Enumeration

Related Identifiers

Affected Products

References · 9