CVE-2025-50367

Medium CVSS: 6.1

A stored blind XSS vulnerability exists in the Contact Page of the Phpgurukul Medical Card Generation System 1.0 mcgs/contact.php. The name field fails to properly sanitize user input, allowing an attacker to inject malicious JavaScript.

Vendor

Anujk305

Product

Medical Card Generation System

CWE

CWE-79

Yayın Tarihi

2025-06-27 16:15:25

Güncelleme

2025-07-01 18:14:15

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-79 Medical Card Generation System MEDIUM Anujk305 2025

Referanslar

https://github.com/1h3ll/CVEs/blob/main/BXSS-Medicalcard_Generations_System.md

Benzer Kayıtlar

Medium

CVE-2025-50369

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Manage Card functionality (/mcgs/admin/manage-card.php)…

Medium

CVE-2025-50370

A Cross-Site Request Forgery (CSRF) vulnerability exists in the Inquiry Management functionality /mcgs/admin/readenq.php…

Medium

CVE-2025-6613

A vulnerability classified as problematic was found in PHPGurukul Hospital Management System 4.0. Affected by this vulne…

Medium

CVE-2025-6570

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected…

Medium

CVE-2025-6301

A vulnerability, which was classified as problematic, has been found in PHPGurukul Notice Board System 1.0. This issue a…

Medium

CVE-2025-6288

A vulnerability, which was classified as problematic, has been found in PHPGurukul Bus Pass Management System 1.0. Affec…