2 matches found
CVE-2025-60781
PHP Education Manager v1.0 is affected by a Cross-Site Scripting (XSS) vulnerability in worksheet.php via the participant_name parameter. The root cause is an unvalidated/unsanitized input in worksheet.php that can be reflected in the web page. The documents do not provide details on affected env...
CVE-2025-60782
PHP Education Manager v1.0 is vulnerable to a stored Cross Site Scripting (XSS) in the topics.php module. The Title field used when creating or updating topics can inject malicious JavaScript, which can execute in affected users’ browsers. Affected product: PHP Education Manager v1.0; vulnerable ...