CVE-2025-45011
CVSS 3.1 Score 5.3 of 10 (medium)
Details
Summary
CVE-2025-45011 is a newly discovered HTML Injection vulnerability affecting the PHPGurukul Park Ticketing Management System version 2.0. The vulnerability lies in the foreigner-search.php file and enables remote attackers to inject and execute arbitrary code by manipulating the searchdata POST request parameter. Successful exploitation could lead to unauthorized access or data theft, posing a significant security risk for organizations utilizing this software. It is strongly recommended that users upgrade to the latest version or apply the relevant patches to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.