CVE-2025-7800
LOWcgpandey hotelmis < c572198e6c4780fccc63b1d3e8f3f72f825fc94e - XSS
Title source: llmDescription
A vulnerability classified as problematic was found in cgpandey hotelmis up to c572198e6c4780fccc63b1d3e8f3f72f825fc94e. This vulnerability affects unknown code of the file admin.php of the component HTTP GET Request Handler. The manipulation of the argument Search leads to cross site scripting. The attack can be initiated remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
References (3)
Core 3
Core References
Permissions Required, VDB Entry vdb-entry
technical-description
https://vuldb.com/?id.316864
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.316864
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.616838
Scores
CVSS v3
3.5
EPSS
0.0023
EPSS Percentile
13.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
CWE-94
Status
published
Products (1)
cgpandey/hotelmis
c572198e6c4780fccc63b1d3e8f3f72f825fc94e
Published
Jul 18, 2025
Tracked Since
Feb 18, 2026