CVE-2020-23466

MEDIUM

phpgurukul Online Marriage Registration System 1.0 - XSS

Title source: llm

Description

Cross Site Scripting (XSS) vulnerability exists in the phpgurukul Online Marriage Registration System 1.0 allows attackers to run arbitrary code via the wzipcode field.

Exploits (1)

exploitdb WRITEUP

by that faceless coder · textwebappsphp

https://www.exploit-db.com/exploits/48522

View Code ZIP pw:eip

References (2)

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/48522

[Product] https://phpgurukul.com/online-marriage-registration-system-using-php-and-mysql/

Scores

CVSS v3 5.4

EPSS 0.0020

EPSS Percentile 41.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

phpgurukul/online_marriage_registration_system 1.0

Published Aug 19, 2022

Tracked Since Feb 18, 2026