CVE-2025-5972

A vulnerability classified as problematic has been found in PHPGurukul Restaurant Table Booking System 1.0. Affected is an unknown function of the file /admin/manage-subadmins.php. The manipulation of the argument fullname leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Published: Jun 10, 2025
Updated: Jun 18, 2025
CVE: CVE-2025-5972
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-94
CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
phpgurukul / restaurant_table_booking_system	1.0	1.0.x

https://github.com/kakalalaww/CVE/issues/5
https://phpgurukul.com/
https://vuldb.com/?ctiid.311850
https://vuldb.com/?id.311850
https://vuldb.com/?submit.592340

Vulnerability Database

290,020

CVE-2025-5972