CVE-2025-45007

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

4.8MEDIUM

EPSS

0.2%

top 62.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpgurukul Time Table Generator System

Timeline

PublishedApr 30

Description

A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the profile.php file of PHPGurukul Timetable Generator System v1.0. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the adminname POST request parameter.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:NExploitability: 1.7 | Impact: 2.7

Affected Packages1 packages

▶NVDphpgurukul/time_table_generator_system1.0

🔴Vulnerability Details

CVEList

CVE-2025-45007: A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the profile↗2025-04-30

▶

GHSA

GHSA-6qj8-hh3r-p98w: A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the profile↗2025-04-30

▶