CVE-2025-12311

CVSS 2.4 Low
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
  • Published: 1761596152
  • Last modified: 1761596152

CVE-2025-12311 — A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catname results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used. [Severity (CVSS) 2.4]

Related CVE by CWE

No closely related CVE found.

Risk snapshot

EPSS: n/a   |   KEV: not listed

Related CVE by CWE

No related CWE found.

Top CVE for Vendor

No vendor taxonomy on this entry.

Recently Exploited Similar Vulnerabilities

No recent KEV-listed items for this vendor/product.

A vulnerability was detected in PHPGurukul Curfew e-Pass Management System 1.0. This issue affects some unknown processing of the file edit-category-detail.php. The manipulation of the argument catname results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used.

🧠 Explainer: What this vulnerability means

Summary: A flaw in the product from the vendor (CWE: unspecified) can be exploited.

Impact: It may allow privilege escalation, data exposure, or service interruption.

Mitigation: Upgrade immediately to the remediated release and follow vendor hardening guidance.

No vendor/product data yet.

No explicit mitigation/advisory links found in references.