CVE-2025-70890

6.1 MEDIUM

📋 TL;DR

A stored XSS vulnerability in Cyber Cafe Management System v1.0 allows authenticated attackers to inject malicious JavaScript into username fields. This code executes in victims' browsers when viewing affected pages, potentially compromising user sessions or stealing credentials. Systems running this specific software version are affected.

💻 Affected Systems

Products:
  • Cyber Cafe Management System
Versions: v1.0
Operating Systems: Any OS running PHP/MySQL
Default Config Vulnerable: ⚠️ Yes
Notes: Requires PHP/MySQL environment. Vulnerability exists in default installation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attacker steals admin credentials, takes full control of the system, accesses sensitive customer data, and potentially compromises connected systems.

🟠 Likely Case

Session hijacking, credential theft from users viewing malicious usernames, defacement of user management pages.

🟢 If Mitigated

Limited to authenticated users only, with potential for privilege escalation if lower-privileged users can target admins.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access. A GitHub repository contains a proof-of-concept.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Implement input validation and output encoding in add-users.php and related files.

🔧 Temporary Workarounds

Input Validation and Output Encoding

all

Implement server-side validation of the username parameter and HTML-encode it on output.

Modify add-users.php to validate username input, and use htmlspecialchars() or similar wherever usernames are displayed.
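
An added example of the validation and output-encoding workaround described above; it is not the application's own code and not a vendor patch. The function names, the allow-list pattern and the sample inputs are assumptions made for illustration, since the code in add-users.php is not shown on this page.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: allow-list validation applied before a username is stored.
// The character set and length limits are assumptions, not the application's rules.
function validate_username(string $raw): ?string
{
    $name = trim($raw);
    // \A ... \z anchor the whole string; a bare $ would accept a trailing newline.
    if (preg_match('/\A[A-Za-z0-9._-]{3,32}\z/', $name) !== 1) {
        return null; // caller rejects the request instead of storing the value
    }
    return $name;
}

// Hypothetical helper: encode a stored value for HTML element or quoted-attribute context.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Vulnerable pattern: the stored value is concatenated into markup unchanged.
function render_row_unsafe(string $username): string
{
    return '<tr><td>' . $username . '</td></tr>';
}

// Hardened pattern: the same markup with the value encoded at the point of output.
function render_row_safe(string $username): string
{
    return '<tr><td>' . h($username) . '</td></tr>';
}

// Constructed sample inputs: a normal name, the test string from this page,
// and a name with characters that are harmless but still need encoding.
$samples = ['alice_01', "<script>alert('XSS')</script>", "O'Brien & Sons"];

foreach ($samples as $s) {
    printf("input:     %s\n", $s);
    printf("validated: %s\n", validate_username($s) ?? '(rejected)');
    printf("unsafe:    %s\n", render_row_unsafe($s));
    printf("safe:      %s\n\n", render_row_safe($s));
}
```

Encoding at output is the control that keeps an already-stored value from executing; input validation only narrows what can be stored in the first place, so rows written before the fix still need the encoded rendering.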

Content Security Policy

all

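Implement CSP headers to restrict script execution. A policy of script-src 'self' also blocks inline scripts and inline event handlers, so any inline JavaScript the application's own pages rely on must move to same-origin files. Treat CSP as a second layer alongside output encoding, not a replacement for it.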

Add header: Content-Security-Policy: script-src 'self'

🧯 If You Can't Patch

  • Restrict access to user management functions to trusted administrators only
  • Implement web application firewall rules to block XSS payloads in username parameter

🔍 How to Verify

Check if Vulnerable:

Test by entering <script>alert('XSS')</script> as the username in add-users.php, then check whether it executes when viewing the user list

Check Version:

Check software version in admin panel or readme files

Verify Fix Applied:

Test with the same payload after implementing fixes: the script should not execute and should appear as plain text

📡 Detection & Monitoring

Log Indicators:

  • Unusual username entries containing script tags or JavaScript code
  • Multiple failed login attempts followed by successful login with suspicious username

Network Indicators:

  • POST requests to add-users.php with script payloads in parameters

SIEM Query:

source="web_logs" AND (uri="/add-users.php" AND (param="username" CONTAINS "<script>" OR param="username" CONTAINS "javascript:"))
