PT-2025-36004 · Unknown · Phpgurukul Online Shopping Portal

P0Et08

Published

2025-09-04

Updated

2025-09-04

CVE-2025-57576

Report an issue

CVSS v3.1

5.4

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions:

PHPGurukul Online Shopping Portal version 2.1

Description:

PHPGurukul Online Shopping Portal version 2.1 is susceptible to Cross Site Scripting (XSS) in the `/admin/updateorder.php` endpoint.

Recommendations:

As a mitigation, consider implementing appropriate input validation and output encoding mechanisms within the `/admin/updateorder.php` endpoint to prevent the injection and execution of malicious scripts.

Fix

XSS

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-57576

Affected Products

Phpgurukul Online Shopping Portal

PT-2025-36004 · Unknown · Phpgurukul Online Shopping Portal

Weakness Enumeration

Related Identifiers

Affected Products

References · 4