Vulnerability Database

318,389

Total vulnerabilities in the database

CVE-2025-63442

Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser

Published: Nov 3, 2025
Updated: Nov 6, 2025
CVE: CVE-2025-63442
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.6
AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
nababur / simple-user-management-system	1.0	1.0.x

https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-5

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo