Unrated severityNVD Advisory· Published Sep 30, 2025· Updated Sep 30, 2025

CVE-2025-28016

Description

A Reflected Cross-Site Scripting (XSS) vulnerability was found in loginsystem/edit-profile.php of the PHPGurukul User Registration & Login and User Management System V3.3. This vulnerability allows remote attackers to execute arbitrary JavaScript code via the fname, lname, and contact parameters.

Affected products

PHPGurukul/User Registration & Login and User Management Systemdescription
Phpgurukul/User Registration \& Login And User Management Systemllm-fuzzy
Range: = 3.3

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/rtnthakur/CVE/blob/main/PHPGurukul/User%20Registration%20&%20Login%20and%20User%20Management%20System%20With%20admin%20panel/XSS%20njection%20-%20edit-profile.mdmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000