exploitDog

CVE-2025-52074

Опубликовано: 12 сент. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a product to the cart.

Ссылки

https://github.com/NullMinds/CVE-Hunting/blob/main/Online%20Shopping%20Portal/Stored%20XSS%20in%20Quantity%20Parameter.pdf
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpgurukul:online_shopping_portal:2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 21%

0.00068

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-q8fj-hwp7-xhq3

CVSS3: 6.1

github

5 месяцев назад

PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a product to the cart.

EPSS

Процентиль: 21%

0.00068

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79