← Back to CVEs
CVE-2025-63442
MEDIUM4.6
Description
Simple User Management System with PHP-MySQL v1.0 is vulnerable to Cross-Site Scripting (XSS) via the Profile Section. The system fails to properly sanitize user input, allowing attackers to inject and execute arbitrary JavaScript when the input is displayed in the browser
CVE Details
CVSS v3.1 Score4.6
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredLOW
User InteractionREQUIRED
Published11/3/2025
Last Modified11/5/2025
Sourcenvd
Honeypot Sightings0
Affected Products
nababur:simple-user-management-system
Weaknesses (CWE)
CWE-79
References
https://github.com/sanin-s1r3n/CVE-Research/blob/main/CVE-5(cve@mitre.org)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.