CVE-2025-7800
BaseFortify
Publication date: 2025-07-18
Last updated on: 2025-07-22
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cgpandey | hotelmis | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-site Scripting (XSS) issue in the cgpandey hotelmis project. It occurs because the application improperly handles user input from the HTTP GET parameter 'search' in the admin.php file. The input is directly echoed into the web page without proper sanitization or neutralization, allowing attackers to inject malicious scripts that execute in the context of other users viewing the page. [1]
How can this vulnerability impact me?
This vulnerability can allow attackers to execute malicious scripts in the browsers of users who visit the affected page. This can lead to theft of sensitive information such as cookies or session tokens, unauthorized actions performed on behalf of users, and potential compromise of user accounts or the affected system. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the admin.php page for reflected Cross-site Scripting (XSS) via the 'search' GET parameter. You can use tools like curl or a web browser to send crafted requests with script payloads in the 'search' parameter and observe whether the input is echoed unsanitized in the response. For example, run `curl -G 'http://yourserver/admin.php' --data-urlencode 'search=<script>alert(1)</script>'` and check whether the script tag appears unescaped in the HTML response. Additionally, automated scanners like OWASP ZAP or Burp Suite can be used to detect XSS vulnerabilities by crawling and injecting test payloads. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves sanitizing and encoding user input before outputting it in the HTML page. Specifically, the code in admin.php should be changed to properly escape the 'search' parameter to prevent script injection. Applying input validation and output encoding functions (e.g., htmlspecialchars in PHP) on the 'search' parameter before echoing it will mitigate the XSS risk. Additionally, restricting user privileges and monitoring web traffic for suspicious requests can help reduce impact until a patch is applied. [1]
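
The output-encoding fix described above, as an added example that is not taken from the hotelmis code base: the function names and the HTML fragment are hypothetical, and the 100-byte length limit is an assumption. It shows the echoed `search` value in both an attribute and an element body, first unencoded and then passed through `htmlspecialchars`.

```php
<?php
// Added example: hypothetical search fragment, not the project's admin.php.

// Pattern the advisory describes: the raw GET value is echoed into the page.
function render_search_unsafe(array $get): string
{
    $search = $get['search'] ?? '';
    return '<input type="text" name="search" value="' . $search . '">'
         . '<p>Results for: ' . $search . '</p>';
}

// Encode at the point of output. ENT_QUOTES encodes both ' and " so the
// value cannot close the surrounding attribute; ENT_SUBSTITUTE replaces
// invalid UTF-8 instead of returning an empty string.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_search_safe(array $get): string
{
    $search = $get['search'] ?? '';
    // A request sent as search[]=x arrives as an array; treat it as empty.
    if (!is_string($search)) {
        $search = '';
    }
    // Input validation as a second layer (assumed limit of 100 bytes).
    // A multi-byte character cut here is handled by ENT_SUBSTITUTE.
    $search = substr($search, 0, 100);
    return '<input type="text" name="search" value="' . h($search) . '">'
         . '<p>Results for: ' . h($search) . '</p>';
}

// Constructed sample inputs: the test string from the detection step and
// a benign value containing a double quote (attribute context).
$samples = [
    ['search' => '<script>alert(1)</script>'],
    ['search' => '5" mattress'],
];

foreach ($samples as $get) {
    echo 'unsafe: ', render_search_unsafe($get), PHP_EOL;
    echo 'safe:   ', render_search_safe($get), PHP_EOL;
}
```

Run with `php` on the command line and compare the two lines per sample: in the safe output the angle brackets and quotes appear as entities, so the browser renders them as text.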