VulnerAlert



WEBSITE
04-09-2025 21:05

CVE-2025-45805 Vulnerabilidad documentada

7.6 HIGH
Tags
#site
#web
#php
#javascript
#java
#website
#authenticated
#arbitrary
#inject
Descripción
In phpgurukul Doctor Appointment Management System 1.0, an authenticated doctor user can inject arbitrary JavaScript code into their profile name. This payload is subsequently rendered without proper sanitization, when a visits the website and selects to book appointment.
https://github.com/mhsinj/CVE-2025-45805
https://phpgurukul.com/doctor-appointment-management-system-using-php-and-mysql
Referencia
CVE-2025-45805
Link externo
Ver detalles

Fuente
https://nvd.nist.gov/vuln/detail/CVE-2025-45805
Resultados similares
Coincidentes en almenos en 50% de los tags
05-09-2025 CVE-2025-41408
Improper authorization in handler for custom URL scheme issue in "Yahoo! Shopping" App for Andr...
Ver información
04-09-2025 CVE-2025-20291
A vulnerability in Cisco Webex Meetings could have allowed an unauthenticated, remote attacker ...
Ver información
Icons made by Freepik from www.flaticon.com
Este Proyecto fue cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA 2021/2023
Proyecto realizado por