PT-2025-42812 · Unknown · Php Education Manager
Published
2025-10-20
·
Updated
2025-10-21
·
CVE-2025-60781
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PHP Education Manager version 1.0
Description
The software is susceptible to Cross Site Scripting (XSS) attacks. The issue is located in the
worksheet.php file and involves the participant name parameter. Exploitation of this issue could allow an attacker to inject malicious scripts into the application.Recommendations
Apply updates to address the issue in the
worksheet.php file.
Sanitize the participant name parameter to prevent the injection of malicious scripts.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Php Education Manager