CNNVD-202507-2644 Information

Jul 21, 2025 cve

CNNVD ID

CNNVD-202507-2644

CVE-2025-7926

CNNVD Published: 2025-07-21

Description (Chinese)

PHPGurukul Online Banquet Booking System是PHPGurukul公司的一个网上宴会预订系统。 PHPGurukul Online Banquet Booking System 1.0版本存在代码注入漏洞，该漏洞源于文件/admin/booking-search.php中参数searchdata的错误操作导致跨站脚本攻击。

Description (English)

PHPGurukul Online Banquet Booking Systems is an online party reservation system for PHPGurukul. PHPGurukul Online Banquet Booking System Version 1.0 contains a code-injection loophole, which stems from the error of the searchdata parameter in the file/admin/booking-search.php, resulting in a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

PHPGurukul

Published

2025-07-21

Last Modified

2026-02-24

References

https://drive.google.com/file/d/1SHG0BMHHfc-6XDm43_zYVrcZEYiUvdP9/view https://github.com/LagonGit/ReportCVE/issues/4 https://phpgurukul.com/ https://vuldb.com/?ctiid.317055 https://vuldb.com/?id.317055 https://vuldb.com/?submit.618909

Share on: