PHPGurukul Art Gallery Management System Cross-Site Scripting Vulnerability

Vulnerability

A reflected cross-site scripting vulnerability has been identified in PHPGurukul Art Gallery Management System version 1.0. The issue resides in the search.php file, where the search parameter is not properly sanitized, allowing attackers to inject malicious scripts. This vulnerability can be exploited remotely, potentially executing harmful scripts in the context of the user's browser.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where injected scripts are executed in the user's browser session.

Reproduction

To reproduce this vulnerability, navigate to the search.php page of the Art Gallery Management System. In the 'Search' input box, enter a script payload, such as a script tag containing a JavaScript alert. After the search is submitted, the injected script executes, demonstrating the cross-site scripting vulnerability.
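The flaw class described above and its fix, as an added example that is not PHPGurukul's code: a search term echoed into HTML unencoded, next to the same output encoded at the point of rendering. The parameter name "search" comes from the advisory; the function names, the heading markup, the 100-character limit and the CSP value are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added example (not the project's code). Assumption: search.php receives the
// term in a request parameter named "search" and echoes it into an HTML page.

/** Encode untrusted text for an HTML body or quoted-attribute context. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Return the search term as a bounded string; non-string input becomes ''. */
function read_search_term(array $request, int $maxLen = 100): string
{
    $raw = $request['search'] ?? '';
    if (!is_string($raw)) {
        return '';                      // e.g. search[]=x arrives as an array
    }
    return mb_substr(trim($raw), 0, $maxLen, 'UTF-8');  // needs ext-mbstring
}

/** Vulnerable pattern: the term is concatenated into markup unencoded. */
function render_heading_vulnerable(string $term): string
{
    return '<h3>Result against "' . $term . '" keyword</h3>';  // hypothetical markup
}

/** Hardened pattern: the same markup with the term encoded on output. */
function render_heading_safe(string $term): string
{
    return '<h3>Result against "' . h($term) . '" keyword</h3>';
}

// Constructed sample input standing in for the submitted form field.
$request = ['search' => '<script>alert(1)</script>'];
$term = read_search_term($request);

if (PHP_SAPI !== 'cli') {
    // Defense in depth: disallow inline script even if an encoding call is missed.
    header("Content-Security-Policy: default-src 'self'; script-src 'self'");
}

echo render_heading_vulnerable($term), PHP_EOL; // markup passes through as markup
echo render_heading_safe($term), PHP_EOL;       // markup is encoded and shown as text
```

Length limits and type checks reduce the input surface, but the encoding call at output is what closes the reflected XSS; every place the term is written into the page needs it.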

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 1.0
impact: 1.7
exploitability: 7.9
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.