CNNVD-202509-4468 Information

CNNVD ID

CNNVD-202509-4468

Related CVE

CVE-2025-28016

• CNNVD Published: 2025-09-30

Description (Chinese)

PHPGurukul User Registration & Login and User Management System是PHPGurukul公司的一个用户注册登录及用户管理系统。 PHPGurukul User Registration & Login and User Management System V3.3版本存在安全漏洞，该漏洞源于loginsystem/edit-profile.php中参数fname、lname和contact未经验证输入，可能导致反射型跨站脚本攻击。

Description (English)

PHPGurukul User Registration & Login and User Management System is a user registration and user management system for PHPGurukul. PHPGurukul User Registration & Login and User Management System V3.3 has a security loophole, which stems from the unverified input of the parameters fname, lname and contract in loginsystem/edit-profile.php and may result in a cross-script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

PHPGurukul

Published

2025-09-30

Last Modified

2026-02-24

References

https://github.com/rtnthakur/CVE/blob/main/PHPGurukul/User%20Registration%20&%20Login%20and%20User%20Management%20System%20With%20admin%20panel/XSS%20njection%20-%20edit-profile.md