CVE-2025-6127
BaseFortify
Publication date: 2025-06-16
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | nipah_virus_testing_management_system | 1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6127 is a Cross-Site Scripting (XSS) vulnerability in the PHPGurukul Nipah Virus Testing Management System version 1.0. It occurs due to improper sanitization and validation of the user-supplied input parameter "serachdata" in the /search-report.php file. This flaw allows attackers to inject malicious JavaScript code that executes in the context of the victim's browser, potentially leading to session hijacking, theft of authentication cookies, unauthorized actions, redirection to malicious sites, webpage defacement, and malware delivery. [1, 2, 3]
How can this vulnerability impact me?
Exploitation of this vulnerability can lead to compromise of user accounts, theft of sensitive information such as authentication cookies, unauthorized manipulation of application functionality, session hijacking, redirection to malicious websites, webpage defacement, and delivery of malware. These impacts pose significant risks to both application security and user privacy. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /search-report.php endpoint for improper sanitization of the 'serachdata' parameter. One method is to send crafted requests with typical XSS payloads such as `<script>alert(1)</script>` in the 'serachdata' parameter and observe if the script executes or is reflected unsanitized in the response. Additionally, attackers can identify vulnerable targets using Google dorking with the query: `inurl:search-report.php`. For manual testing, you can use curl or similar tools to send requests, for example:

```
curl -X POST -d "serachdata=<script>alert(1)</script>" https://target/nipah-tms/search-report.php
```

Then check the response for reflected scripts. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing proper input validation and sanitization on the 'serachdata' parameter to prevent injection of malicious scripts. Use context-aware output encoding such as HTML entity encoding before reflecting user input in the response. Enforce a strict Content Security Policy (CSP) to restrict script execution. Secure session cookies with HttpOnly and Secure flags to reduce risk of session hijacking. Avoid unsafe methods like innerHTML or document.write() in the application code. If possible, replace the affected product with a secure alternative as no known countermeasures are reported. Applying these measures promptly will help protect users and maintain application integrity. [1, 3, 2]
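
The mitigation steps above, combined into one handler as an added example (not code from PHPGurukul or from this advisory). Only the parameter name `serachdata` comes from the page; the handler layout, the helper names `validate_search_term()` and `h()`, the 64-character limit and the result markup are assumptions.

```php
<?php
declare(strict_types=1);

// Session cookie flags must be set before session_start() (array form: PHP 7.3+).
session_set_cookie_params([
    'lifetime' => 0,
    'path'     => '/',
    'secure'   => true,   // only sent over HTTPS
    'httponly' => true,   // not readable from JavaScript
    'samesite' => 'Lax',
]);
session_start();

// Strict CSP: inline scripts are not allowed, so a reflected <script> block
// does not run even if an encoding step is missed somewhere else.
header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'");
header('X-Content-Type-Options: nosniff');

/** Validate the raw search term; returns null when it should be rejected. */
function validate_search_term($raw): ?string
{
    if (!is_string($raw)) {               // e.g. serachdata[]=x arrives as an array
        return null;
    }
    $term = trim($raw);
    if ($term === '' || !mb_check_encoding($term, 'UTF-8') || mb_strlen($term, 'UTF-8') > 64) {
        return null;                      // 64 is an assumed limit
    }
    return preg_match('/[\x00-\x1F\x7F]/', $term) ? null : $term; // no control characters
}

/** HTML-encode for element content and quoted attribute values. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$term = validate_search_term($_POST['serachdata'] ?? null);
if ($term === null) {
    http_response_code(400);
    echo '<p>Invalid search term.</p>';
    exit;
}

// Assumed vulnerable pattern: echoing the raw POST value into the page.
// Hardened: every reflection of the term goes through h().
echo '<h4>Result against "' . h($term) . '" keyword</h4>';
```

Validation narrows what is accepted, but the output encoding in `h()` is what neutralizes the reflected markup; the CSP and cookie flags limit the damage if an unencoded reflection remains elsewhere in the application.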