PT-2025-30089 · Phpgurukul · Phpgurukul Complaint Management System
N1N3B9S
·
Published
2025-07-18
·
Updated
2025-07-18
·
CVE-2025-7802
N1N3B9S
·
Published
2025-07-18
·
Updated
2025-07-18
·
CVE-2025-7802
5.4
Medium
| Base vector | Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
PHPGurukul Complaint Management System version 2.0
Description:
A cross-site scripting issue exists in PHPGurukul Complaint Management System 2.0. The vulnerability is located in the `/admin/complaint-search.php` file. Manipulation of the `Search` parameter can lead to cross-site scripting. The exploit has been publicly disclosed.
Recommendations:
Address the issue by sanitizing the `Search` parameter in the `/admin/complaint-search.php` file.
Exploit
Fix
Code Injection
XSS