Overview
The vulnerability CVE-2025-45805 is a critical security flaw affecting the phpgurukul Doctor Appointment Management System 1.0. It allows an authenticated doctor user to inject arbitrary JavaScript code into their profile name, which is later executed without proper sanitization when a user visits the website to book an appointment. This poses a significant risk to users and the system itself, as it opens the door to potential system compromises and data leakage.
Vulnerability Summary
CVE ID: CVE-2025-45805
Severity: High (7.6 CVSS Score)
Attack Vector: Web based
Privileges Required: Low (Authenticated doctor user)
User Interaction: Required
Impact: System compromise or data leakage
Affected Products
Share secrets securely
Ameeba is private infrastructure for communication and sensitive work built on encrypted identity instead of exposed corporate identity systems.
Passwords, credentials, confidential files, screenshots, internal discussions, sensitive AI context, and private coordination should not become exposed across ordinary communication platforms.
- • Encrypted identity
- • Private Spaces for organizations and teams
- • End-to-end encrypted chat, calls, files, and notes
- • Sensitive AI work and protected collaboration
- • Built for information that cannot leak
Our mission is to secure human work alongside AI.
Product | Affected Versions
phpgurukul Doctor Appointment Management System | 1.0
How the Exploit Works
The exploit takes advantage of the lack of proper sanitization of the doctor’s profile name in the Doctor Appointment Management System. An authenticated doctor user can insert JavaScript code into their profile name. When a user visits the website to book an appointment, the injected JavaScript code is executed, potentially leading to system compromise or data leakage.
Conceptual Example Code
Consider the following conceptual example of how this vulnerability might be exploited. This is a pseudocode representation of the malicious JavaScript injection:
PUT /doctor/profile HTTP/1.1
Host: target.example.com
Content-Type: application/json
Authorization: Bearer doctorAuthToken
{ "profile_name": "<script>malicious_code_here</script>" }
In this example, `malicious_code_here` is the arbitrary JavaScript code that the attacker wants to run on the client’s browser when they visit the doctor’s profile. This could be used to steal sensitive information or perform other malicious activities.
Mitigation Guidance
Users of phpgurukul Doctor Appointment Management System 1.0 are advised to install the vendor’s patch as soon as it becomes available. As an interim measure, employing a Web Application Firewall (WAF) or Intrusion Detection System (IDS) can provide some level of protection by detecting and blocking attempts to exploit this vulnerability. Regularly reviewing and updating security policies can also help to minimize the risk of future attacks.
