Rewterz Threat Advisory – PHPGurukul Complaint Management System

Rewterz Threat Alert – Malicious URLs Using Covid-19

April 24, 2020

Rewterz Threat Alert – TA505 New Coronavirus Campaign

April 27, 2020

Rewterz Threat Advisory – PHPGurukul Complaint Management System

Severity

Medium

Analysis Summary

PHPGurukul Complaint Management System is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the resgistration.php script. A remote attacker could exploit this vulnerability using a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

Impact

Cross-Site Scripting

Affected Vendors

PHPGurukul

Affected Products

PHPGurukul Complaint Management System 4.2

Remediation

Upgrade to the latest version of PHPGurukul Complaint Management System (4.3 or later)

Rewterz Threat Alert – Malicious URLs Using Covid-19

Rewterz Threat Alert – TA505 New Coronavirus Campaign

Rewterz Threat Advisory – PHPGurukul Complaint Management System

Severity

Analysis Summary

Impact

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan