CVE-2025-57576

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.0%
top 92.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul Online Shopping Portal
Timeline
PublishedSep 4

Description

PHPGurukul Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) in /admin/updateorder.php.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-qf65-fm96-58w7: PHPGurukul Online Shopping Portal 22025-09-04
CVEList
CVE-2025-57576: PHPGurukul Online Shopping Portal 22025-09-04
CVE-2025-57576 (MEDIUM CVSS 5.4) | PHPGurukul Online Shopping Portal 2 | cvebase.io