CVE-2025-8115
BaseFortify
Publication date: 2025-07-24
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| phpgurukul | auto\/taxi_stand_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8115 is a Stored Cross-Site Scripting (XSS) vulnerability in PHPGurukul Taxi Stand Management System version 1.0. It exists in the 'registrationnumber' and 'licensenumber' fields of the taxi entry form at the endpoint /admin/new-autoortaxi-entry-form.php. An attacker can inject malicious JavaScript code via a POST request to these fields. This malicious script is stored on the server and executed when an administrator views their profile, potentially compromising admin sessions or allowing unauthorized actions. The root cause is the lack of proper input sanitization and output encoding, allowing persistent script injection. [1, 2, 3, 4]
How can this vulnerability impact me? :
This vulnerability can lead to the execution of arbitrary JavaScript code in the browser of an administrator who views the injected content. This can result in compromise of admin sessions, unauthorized actions, theft of cookies or session tokens, Cross-Site Request Forgery (CSRF)-like attacks, privilege escalation, exfiltration of sensitive data, or redirection to malicious websites. Since the attack can be launched remotely without local access, it poses a significant risk to the integrity and security of the affected system. [1, 2, 3, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the affected endpoint `/admin/new-autoortaxi-entry-form.php` for stored cross-site scripting (XSS) in the `registrationnumber` and `licensenumber` fields. One method is to send a POST request with a payload containing a script tag, such as `<script>alert(1)</script>`, to these parameters and then check if the script executes when an administrator views the affected page. Additionally, vulnerable targets can be identified using Google dorking with the query `inurl:admin/new-autoortaxi-entry-form.php`. Example command using curl to test the vulnerability: `curl -X POST -d "registrationnumber=<script>alert(1)</script>" https://targetsite.com/admin/new-autoortaxi-entry-form.php` and then verify if the alert triggers in the admin interface. [3, 4]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Implement server-side output encoding to properly escape user input before rendering it in HTML. 2) Validate and sanitize input to restrict or remove dangerous characters in the `registrationnumber` and `licensenumber` fields. 3) Apply a Content Security Policy (CSP) to limit script execution in the browser. 4) Use sanitization libraries or functions to clean input data before storage or display. If possible, replace the affected component with an alternative product. These steps help prevent malicious script injection and execution. [3, 4]