CVE-2025-5972

CWE-79Cross-site Scripting (XSS)CWE-94Code InjectionCWE-476NULL Pointer Dereference4 documents4 sources
Severity
4.8MEDIUM
EPSS
0.2%
top 64.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Phpgurukul Restaurant Table Booking System
Timeline
PublishedJun 10

Description

A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/manage-subadmins.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
PHPGurukul Restaurant Table Booking System manage-subadmins.php cross site scripting2025-06-10
GHSA
GHSA-x7pm-2wpr-q9mh: A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 12025-06-10

📋Vendor Advisories

1
Microsoft
Kernel: the nfta_inner_num and nfta_expr_name netlink attributes accessed without checking its presence in nft_inner.c2023-11-14
CVE-2025-5972 (MEDIUM CVSS 4.8) | A vulnerability classified as probl | cvebase.io