CVE-2025-2371

Name of the Vulnerable Software and Affected Versions PHPGurukul Human Metapneumovirus Testing Management System version 1.0

Description A problem was found in the Registered Mobile Number Search component, specifically in the file /registered-user-testing.php. The issue allows for cross-site scripting by manipulating the regmobilenumber argument. This can be exploited remotely.

Recommendations For PHPGurukul Human Metapneumovirus Testing Management System version 1.0, consider restricting access to the /registered-user-testing.php file until a fix is available. As a temporary workaround, avoid using the regmobilenumber argument in the Registered Mobile Number Search component to minimize the risk of exploitation.