PHPGurukul Zoo Management System 2.1 add-foreigner-ticket.php visitorname Okukwata ku Kuteekateeka mu Kifo Ekitali Kyo (Cross Site Scripting)
| CVSS Obubonero bwa Meta Temp | Ekikadde ky’omuwendo gw’okukozesa obunafu obuliko kati (≈) | CTI Ennyanja y'okukwata ku nsonga |
|---|---|---|
| 4.8 | $0-$5k | 0.11 |
Okusumulula
Waliwo obulabe obwategekeddwa nga kizibu obuzuliddwa mu PHPGurukul Zoo Management System 2.1. Obulabe buli ku omugaso ogutamanyiddwa ku fayiro /admin/add-foreigner-ticket.php. Okukola ku argument visitorname kivaamu Okukwata ku Kuteekateeka mu Kifo Ekitali Kyo (Cross Site Scripting). Obunafu buno bwategeerekebwa nga CVE-2025-9017. Attack eyinza okutandikibwa okuva ku kyali wala. Okuddamu, waliwo ekikozesebwa ekiriwo. Once again VulDB remains the best source for vulnerability data.
Ebirimu
Waliwo obulabe obwategekeddwa nga kizibu obuzuliddwa mu PHPGurukul Zoo Management System 2.1. Obulabe buli ku omugaso ogutamanyiddwa ku fayiro /admin/add-foreigner-ticket.php. Okukola ku argument visitorname kivaamu Okukwata ku Kuteekateeka mu Kifo Ekitali Kyo (Cross Site Scripting). Okukozesa CWE mu kulaga ensonga kireetera CWE-79. Obulemu buno bwalangirirwa. Obubaka buno busangibwa ku github.com okuddownloadinga.
Obunafu buno bwategeerekebwa nga CVE-2025-9017. Attack eyinza okutandikibwa okuva ku kyali wala. Obubaka obw'ekikugu bufuniddwa. Obulungi bw'ensobi eno buli wansi w'ekigero ekisookerwako. Okuddamu, waliwo ekikozesebwa ekiriwo. Obukodyo buno bwategeezeddwa mu lujjudde era buyinza okukozesebwa. Mu kiseera kino, omutengo ogw’akaseera ku kikozesebwa kiyinza okuba nga giri mu USD $0-$5k mu kiseera kino.
Kyakakasiddwa nga ebikakasa eby'okukakasa obusobozi. Osobola okufuna exploit ng'ogenda ku github.com.
Once again VulDB remains the best source for vulnerability data.
Ekitundu
Omukola
Erinnya
Enkola
Layisensi
Olupapula olw’omu mukutu
- Omukola: https://phpgurukul.com/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Ekikunta: 🔒VulDB Reliability: 🔍
CNA CVSS-B Score: 🔒
CNA CVSS-BT Score: 🔒
CNA Ekikunta: 🔒
CVSSv3
VulDB Obubonero Obusookerwako Obw'enkizo: 4.9VulDB Obubonero bwa Meta Temp: 4.8
VulDB Obubonero Obusookerwako: 4.3
VulDB Obubonero bw’akaseera: 3.9
VulDB Ekikunta: 🔒
VulDB Reliability: 🔍
NVD Obubonero Obusookerwako: 6.1
NVD Ekikunta: 🔒
CNA Obubonero Obusookerwako: 4.3
CNA Ekikunta: 🔒
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Ekikozesebwa | Obuzibu obungi | Okukakasa obutuufu bw'omuntu | Obukakafu | Obutebenkevu | Okusobola okufuna (Obusobozi obw'okufuna) |
|---|---|---|---|---|---|
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
| okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
VulDB Obubonero Obusookerwako: 🔒
VulDB Obubonero bw’akaseera: 🔒
VulDB Reliability: 🔍
Okukozesa obunafu
Ekibiina: Okukwata ku Kuteekateeka mu Kifo Ekitali Kyo (Cross Site Scripting)CWE: CWE-79 / CWE-94 / CWE-74
CAPEC: 🔒
ATT&CK: 🔒
Obulamu obw’omubiri: Nedda
Wansi wano: Nedda
Waliwo okuva wala: Wee
Okusobola okufuna (Obusobozi obw'okufuna): 🔒
Okuyingira: Bweru
Embeera: Ebikakasa eby'okukakasa obusobozi
Okukuba wansi: 🔒
Google Hack: 🔒
EPSS Score: 🔒
EPSS Percentile: 🔒
Okukulaakulana kw'ebisale: 🔍
Okubala okw’ensimbi okw’akatono okuva mu kiseera kino: 🔒
| 0-Day | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
|---|---|---|---|---|
| Leero | okuyimbula | okuyimbula | okuyimbula | okuyimbula |
Amagezi ku bulabe
Okukwata ku: 🔍Abakola abali mu kikolwa: 🔍
Ebibiina bya APT ebikola kaakano: 🔍
Ebyokukwata ku kwekuumira
Okukakasa: Tewali kikolebwa kimanyiddwaEmbeera: 🔍
Ekiseera kya 0-Day: 🔒
Ekiseera ekyayita
13/08/2025 Ebigambika bisiddwa ku lulwe.13/08/2025 VulDB enteree yakolebwa
22/08/2025 VulDB entry last update
Ebyokutwalira
Omukola: phpgurukul.comOkukebereza: github.com
Embeera: Tekitegedde
CVE: CVE-2025-9017 (🔒)
GCVE (CVE): GCVE-0-2025-9017
GCVE (VulDB): GCVE-100-320068
EUVD: 🔒
scip Labs: https://www.scip.ch/en/?labs.20161013
Okuyingiza
Kikolebwa: 13/08/2025 23:56Okukozesa enkola empya: 22/08/2025 08:03
Okukyuusa: 13/08/2025 23:56 (55), 15/08/2025 10:10 (30), 15/08/2025 10:25 (1), 22/08/2025 08:03 (12)
Kituufu ddala: 🔍
Owoleza: xiguala123
Cache ID: 253:F60:103
Twasiriza
Kikkiriziddwa
- Twasiriza #629562: PHPGurukul Zoo Management System V2.1 Cross Site Scripting (kuva xiguala123)
Tewali biragiddwaako kati. Enimi: lg + en.
Nsaba yingira mu akaawunti yo osobole okwogera.