| Title | PHPGurukul Art Gallery Management System V1.1 stored XSS |
|---|---|
| Description | During the security assessment of "Art Gallery Management System", I detected a critical Cross-Site Scripting (XSS) vulnerability in the "/admin/edit-art-medium-detail.php" file. This vulnerability is attributed to the insufficient validation and output encoding of user input for the "artmed" parameter. This inadequacy enables attackers to inject malicious JavaScript code. Consequently, attackers can execute arbitrary scripts in the context of the affected page, leading to session hijacking, data theft, and other security breaches. Immediate corrective actions are essential to safeguard system security and user privacy. |
| Source | https://github.com/wanglu-cell/myCVE/issues/2 |
| User | adlu (UID 87931) |
| Submission | 07/15/2025 09:37 (11 months ago) |
| Moderation | 07/17/2025 16:42 (2 days later) |
| Status | Accepted |
| VulDB entry | 316766 [PHPGurukul Art Gallery Management System 1.1 edit-art-medium-detail.php artmed cross site scripting] |
| Points | 20 |