CVE-2025-11390

📊 5.3 MEDIUM⚡ 0.0%🎯 0 exploits

📅 Published Oct 7, 2025

📋 Status: Analyzed

A weakness has been identified in PHPGurukul Cyber Cafe Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /search.php of the component POST Parameter Handler. Executing manipulation of the argument searchdata can lead to cross site scripting. The attack can be executed remotely. The exploit has been made available to the public and could be exploited.

CVSS v3.1 • [email protected]

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:

Type	Vendor	Product	Version Range	Status	CPE String
📱App	phpgurukul	cyber cafe management system	1.0	Vulnerable	cpe:2.3:a:phpgurukul:cyber_cafe_management_system:1.0:::::::*

📱

phpgurukul / cyber cafe management system

Application

Vulnerable

Version: 1.0

CPE:

cpe:2.3:a:phpgurukul:cyber_cafe_management_system:1.0:*:*:*:*:*:*:*

Metrics

5.3 MEDIUMCVSS v4.0[email protected]

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

🔍 Technical Details

Analysis Status

Analyzed

CVSS Details

5.3 (MEDIUM)v4.0

Source: [email protected]

EPSS Details

0.0% (Minimal)6.7th percentile

Last updated: Nov 1, 2025

Exploitation probability within 30 days

Published Date

Oct 7, 2025 (26 days ago)

Last Modified

Oct 9, 2025 (24 days ago)

Security Weaknesses3

CWE-79CWE-94

References5

NVDgeneralgeneral+2