Sign In

CVE-2025-61255

📊 6.1 MEDIUM0.0%🎯 0 exploits
📅 Published Oct 21, 2025
📋 Status: Analyzed

Bank Locker Management System by PHPGurukul is affected by a Cross-Site Scripting (XSS) vulnerability via the /search parameter, where unsanitized input allows arbitrary HTML and JavaScript injection, potentially resulting in information disclosure and user redirection.

🎯 Affected Products & Systems

1 product configurations affected

Filter by type:
📱
Vulnerable
Version: All versions
CPE:
cpe:2.3:a:phpgurukul:bank_locker_management_system:-:*:*:*:*:*:*:*
Metrics
6.1 MEDIUMCVSS v3.1134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Attack Vector:
NETWORK
Complexity:
LOW
Privileges:
NONE
User Interaction:
REQUIRED
Confidentiality:
LOW
Integrity:
LOW
Availability:
NONE
Scope:
CHANGED

🔍 Technical Details

Analysis Status
Analyzed
CVSS Details
6.1 (MEDIUM)v3.1
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
EPSS Details
0.0% (Minimal)7.9th percentile
Last updated: Nov 1, 2025
Exploitation probability within 30 days
Published Date
Oct 21, 2025 (12 days ago)
Last Modified
Oct 23, 2025 (10 days ago)
Security Weaknesses1
References3