CVE-2025-5970

A vulnerability was found in PHPGurukul Restaurant Table Booking System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/add-subadmin.php. The manipulation of the argument fullname leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Published: Jun 10, 2025
Updated: Jun 18, 2025
CVE: CVE-2025-5970
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-94
CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
phpgurukul / restaurant_table_booking_system	1.0	1.0.x

https://github.com/kakalalaww/CVE/issues/4
https://phpgurukul.com/
https://vuldb.com/?ctiid.311846
https://vuldb.com/?id.311846
https://vuldb.com/?submit.592338

Vulnerability Database

290,020

CVE-2025-5970