CVE-2025-70891

CVE-2025-70891 is a stored XSS vulnerability in Phpgurukul Cyber Cafe Management System v1.0, affecting the add-users.php endpoint’s uadd parameter. The issue arises from insufficient sanitization/encoding of user input, allowing an authenticated attacker to persistently store arbitrary JavaScrip...

PT-2026-3116

Name of the Vulnerable Software and Affected Versions Phpgurukul Cyber Cafe Management System version 1.0 Description The application does not properly validate user-supplied input in the username parameter. This occurs within the user management module, specifically at the /add-users.php API...

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

PT-2026-3115

Name of the Vulnerable Software and Affected Versions Phpgurukul Cyber Cafe Management System version 1.0 Description The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the /add-users.php API endpoint, leading to a stored cross-site...

CVE-2025-70892

CVE-2025-70892 affects Phpgurukul Cyber Cafe Management System v1.0. A SQL Injection flaw exists in the user management module via the add-users.php endpoint, specifically in the username parameter where input is not properly validated. This vulnerability is described across multiple sources (NVD...

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

CVE-2025-70891

A stored cross-site scripting XSS vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated...

EUVD-2026-2701

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

PHPGurukul Cyber Cafe Management System 安全漏洞

Cyber Cafe Management System is an internet cafe management system. A cross-site scripting vulnerability exists in Cyber Cafe Management System that stems from the uadd parameter of the add-users.php endpoint not being sufficiently cleaned up or coded for user input, and for which no detailed...

CVE-2025-70890

A stored cross-site scripting XSS vulnerability exists in Cyber Cafe Management System v1.0. An authenticated attacker can inject arbitrary JavaScript code into the username parameter via the add-users.php endpoint. The injected payload is stored and executed in the victim s browser when the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003032)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003032 advisory. The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of addkey for a key that already exists but is uninstantiated, which allows local users to cause...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003207 advisory. The bnepaddconnection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local use...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002246)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002246 advisory. Race condition in the IPC object implementation in the Linux kernel through 4.2.3 allows local users to gain privileges by triggering an ipcaddid call that leads to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001890)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001890 advisory. The ip6routeadd function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to caus...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001971)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001971 advisory. Memory leak in the keylinkend function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service memory consumption...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002722)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002722 advisory. The addfreenid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003159)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003159 advisory. security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002402)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002402 advisory. Use-after-free vulnerability in the xacctaddtsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002671 advisory. security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002143)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002143 advisory. Memory leak in the keylinkend function in security/keys/keyring.c in the Linux kernel before 4.1.4 allows local users to cause a denial of service memory consumption...