CVE-2025-28015
Essential information
- Published
- 13/03/2025 16:15
- Modified
- 13/03/2025 16:15
- Author
- —
- Creator
- —
- CISA KEV
- No
- CWE
- —
- CVSS vector
- — — —
Description
A HTML Injection vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary HTML code via the fname, lname, and contact parameters.
NVD status
- Status
- Received — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| phpgurukul / user registration and login and user management system | cpe:2.3:a:phpgurukul:user_registration_and_login_and_user_management_system:3.3:*:*:*:*:*:*:* |