一、 漏洞 CVE-2025-6125 基础信息
漏洞信息
                                        神龙正在分析中.
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
PHPGurukul Rail Pass Management System aboutus.php cross site scripting
来源:美国国家漏洞数据库 NVD
漏洞描述信息
A vulnerability was found in PHPGurukul Rail Pass Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagedes leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
来源:美国国家漏洞数据库 NVD
漏洞类别
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
来源:美国国家漏洞数据库 NVD
二、漏洞 CVE-2025-6125 的公开POC
# POC 描述 源链接 神龙链接
三、漏洞 CVE-2025-6125 的情报信息

  • 标题: PHPGurukul Rail Pass Management System Project V1.0 aboutus.php Cross-Site Scripting (XSS) · Issue #11 · kakalalaww/CVE -- 🔗来源链接

    标签: exploit issue-tracking

    PHPGurukul Rail Pass Management System Project V1.0 aboutus.php Cross-Site Scripting (XSS) · Issue #11 · kakalalaww/CVE

  • 标题: PHP Project, PHP Projects Ideas, PHP Latest tutorials, PHP oops Concept -- 🔗来源链接

    标签: product

    PHP Project, PHP Projects Ideas, PHP Latest tutorials, PHP oops Concept

  • 标题: Login required -- 🔗来源链接

    标签: signature permissions-required

    神龙速读
    Login required

  • 标题: Submit #592638: PHPGurukul Rail Pass Management System V1.0 Cross Site Scripting -- 🔗来源链接

    标签: third-party-advisory

    神龙速读
    Submit #592638: PHPGurukul Rail Pass Management System V1.0 Cross Site Scripting

  • 标题: CVE-2025-6125 PHPGurukul Rail Pass Management System aboutus.php cross site scripting (EUVD-2025-18402) -- 🔗来源链接

    标签: vdb-entry technical-description

    神龙速读
    CVE-2025-6125 PHPGurukul Rail Pass Management System aboutus.php cross site scripting (EUVD-2025-18402)
  • https://nvd.nist.gov/vuln/detail/CVE-2025-6125