CVE-2025-7791
BaseFortify
Publication date: 2025-07-18
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | online_security_guards_hiring_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7791 is a reflected Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online Security Guards Hiring System version 1.0, specifically in the /admin/search.php file. The vulnerability occurs because the application takes user input from the 'searchdata' parameter and directly embeds it into the HTML response without proper sanitization or encoding. This allows an attacker to inject malicious JavaScript code that executes in the victim's browser when they view the affected page. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability can allow attackers to execute arbitrary scripts in the context of a victim's browser. Potential impacts include session hijacking, data theft, unauthorized actions performed on behalf of the user, and defacement of the web application. Because the attack can be initiated remotely and requires user interaction, attackers can exploit this to compromise user data and application integrity. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the /admin/search.php endpoint with crafted input in the 'searchdata' parameter to check for reflected cross-site scripting (XSS). For example, sending a POST request with a payload like <script>alert(document.cookie);</script> in the 'searchdata' parameter and observing if the script executes in the browser indicates the presence of the vulnerability. You can use curl to test this: curl -X POST -d "searchdata=<script>alert(document.cookie);</script>" http://targetsite/admin/search.php and then check the response in a browser or via developer tools to see if the script is reflected and executed. Additionally, Google dorking with queries like inurl:admin/search.php can help identify potentially vulnerable targets. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing context-aware output encoding to ensure that user input in the 'searchdata' parameter is treated as plain text and not executable HTML or JavaScript. Strict input validation and filtering should be applied to allow only expected input formats (e.g., alphanumeric characters) to reduce injection risks. Since no vendor patch or fix is available, replacing the affected product with an alternative solution is recommended. Additionally, restricting access to the /admin/search.php page and monitoring for suspicious activity can help reduce risk. [2, 3]