Lucene search

[email protected]NVD:CVE-2020-25270

HistoryOct 08, 2020 - 1:15 p.m.

CVE-2020-25270

2020-10-0813:15:10

CWE-79

[email protected]

web.nvd.nist.gov

phpgurukul

hostel-management-system

xss

vulnerability

guardian name

guardian relation

guardian contact no

address

city

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.002

Percentile

54.2%

JSON

PHPGurukul hostel-management-system 2.1 allows XSS via Guardian Name, Guardian Relation, Guardian Contact no, Address, or City.

Affected configurations

Nvd

Node

phpgurukulhostel_management_systemMatch2.1

VendorProductVersionCPE
phpgurukulhostel_management_system2.1cpe:2.3:a:phpgurukul:hostel_management_system:2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpgurukul	hostel_management_system	2.1	cpe:2.3:a:phpgurukul:hostel_management_system:2.1:::::::*

References

packetstormsecurity.com/files/159614/Hostel-Management-System-2.1-Cross-Site-Scripting.html

github.com/Ko-kn3t/CVE-2020-25270

phpgurukul.com

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.002

Percentile

54.2%

JSON

Related for NVD:CVE-2020-25270

cvelist1 exploitdb1 prion1 cve1 packetstorm1 githubexploit1