CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-51971

A reflected Cross-Site Scripting (XSS) vulnerability exists in register.php of PuneethReddyHC Online Shopping System Advanced 1.0. Unsanitized user input in the f_name parameter is reflected in the server response without proper HTML encoding or output escaping. This allows remote attackers to inject arbitrary JavaScript code.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.2%

CVSS Severity

CVSS v3 Score 5.4

References

https://github.com/jairajparyani/CVE-s/blob/main/CVE-2025-51971%20%E2%80%93%20Reflected%20Cross-Site%20Scripting%20%28XSS%29%20in%20Online%20Shopping%20System

Products affected by CVE-2025-51971

Puneethreddyhc » Online Shopping System Advanced » Version: 1.0

cpe:2.3:a:puneethreddyhc:online_shopping_system_advanced:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-51971

Products

Pricing

Contact Us