Bank Locker Management System Cross-Site Scripting Vulnerability

Vulnerability

A Cross-Site Scripting (XSS) vulnerability has been identified in the Bank Locker Management System by PHPGurukul. This issue arises in the search.php component, specifically through the /search parameter. The vulnerability allows for the injection of unsanitized HTML and JavaScript, which can be executed in the context of the user's browser. Potential consequences include session cookie theft, unauthorized redirection to malicious sites, and manipulation of the displayed page.

Impact

Successful exploitation lets injected scripts execute in the user's browser. This could result in the theft of session cookies, unauthorized redirections to malicious websites, manipulation of web pages, and phishing attacks through injected forms.
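The following is an added example, not PHPGurukul's code: a hypothetical search page that encodes the search value at each output point and adds the two controls that blunt the impacts listed above (an HttpOnly session cookie and a CSP that restricts scripts and form targets). The parameter name `search`, the helper names and the markup are assumptions, since the advisory does not show the source of search.php.

```php
<?php
declare(strict_types=1);

// Hypothetical helpers; the real search.php is not shown in the advisory.

/** Encode untrusted text for an HTML element body or a quoted attribute value. */
function h(string $value): string
{
    // ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces invalid
    // UTF-8 (e.g. a character cut by substr) instead of returning ''.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Read the search term as a bounded string; array input (search[]=x) is rejected. */
function read_search_term(array $input, string $key = 'search', int $maxLen = 100): string
{
    $raw = $input[$key] ?? '';
    if (!is_string($raw)) {
        return '';
    }
    return substr(trim($raw), 0, $maxLen);
}

// Session cookie is not readable from script; 'secure' assumes the site runs on HTTPS.
session_set_cookie_params(['httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
session_start();

// Defence in depth: no inline script, and forms may only submit to this origin.
header("Content-Security-Policy: default-src 'self'; script-src 'self'; form-action 'self'; base-uri 'none'");

$term = read_search_term($_POST);

// Vulnerable pattern of the kind the advisory describes: raw input written to the page.
//   echo 'Result against "' . $_POST['search'] . '" keyword';

// Hardened: the value is encoded wherever it is written into HTML.
?>
<form method="post" action="search.php">
  <input type="text" name="search" value="<?= h($term) ?>" maxlength="100">
  <button type="submit">Search</button>
</form>
<?php if ($term !== ''): ?>
  <p>Results for "<?= h($term) ?>"</p>
<?php endif; ?>
```

Output encoding is the actual fix; the cookie flags and CSP only limit what an injection can do if an unencoded output point is missed.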

Added: Oct 21, 2025, 7:25 PM
Updated: Oct 21, 2025, 10:18 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 3.5
exploitability: 6.0
remediation: 0.0
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.