CVE-2025-44184

Description

SourceCodester Best Employee Management System V1.0 is vulnerable to Cross Site Scripting (XSS) in /admin/profile.php via the website_image, fname, lname, contact, username, and address parameters.

PUBLISHED Reserved 2025-04-22 | Published 2025-05-14 | Updated 2025-05-15 | Assigner mitre

References

github.com/...t-Employee-Management-System-1.0-Stored XSS.md exploit

www.sourcecodester.com/...mployee-management-system-php.html

github.com/...t-Employee-Management-System-1.0-Stored XSS.md

cve.org (CVE-2025-44184)

nvd.nist.gov (CVE-2025-44184)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.