CVE-2025-7817
BaseFortify
Publication date: 2025-07-19
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | apartment_visitors_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7817 is a Stored Cross-Site Scripting (XSS) vulnerability in PHPGurukul Apartment Visitors Management System version 1.0. It occurs because the 'visname' parameter, submitted via a POST request, is not properly sanitized or encoded before being stored and later displayed in the /bwdates-reports.php page. This allows attackers to inject malicious JavaScript code that executes in the browsers of users who view the affected page, including administrators. The vulnerability arises from improper input handling and lack of output encoding, enabling persistent XSS attacks. [1, 2, 3]
How can this vulnerability impact me? :
This vulnerability allows attackers to execute arbitrary JavaScript in the browsers of users who access the affected page. Potential impacts include theft of cookies or session tokens, Cross-Site Request Forgery (CSRF)-like session riding attacks, privilege escalation, exfiltration of sensitive data, and redirection to malicious websites. Because the malicious script runs in the context of the vulnerable web application, it can compromise user sessions and data integrity. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by searching for the presence of the vulnerable endpoint `/bwdates-reports.php` and testing the `visname` parameter for stored cross-site scripting (XSS). One method is to use Google dorking with the query `inurl:bwdates-reports.php` to identify potentially vulnerable targets. Additionally, you can test by sending a POST request with a payload such as `<script>alert(1)</script>` in the `visname` parameter to `/avms/visitors-form.php` and then checking if the script executes when viewing `/bwdates-reports.php`. Example command using curl to test the injection: `curl -X POST -d "visname=<script>alert(1)</script>" http://target/avms/visitors-form.php`. Then, visit or fetch `/bwdates-reports.php` to see if the script runs. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing server-side output encoding to properly escape the `visname` parameter before rendering it in `/bwdates-reports.php`. Apply strict input validation and sanitization on the `visname` input to prevent malicious scripts from being stored. Deploy a Content Security Policy (CSP) to restrict script execution in browsers. If possible, replace the affected component with an alternative product as no official patches or countermeasures have been published. [2, 3]