CVE Catalog
CVE-2025-45947
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk0.61%
45th percentile - higher than 45% of all known CVEs
Summary
A vulnerability in the Online Banquet Booking System V1.2 allows a remote attacker to execute arbitrary code via the /obbs/change-password.php file in the change password component.
Risk Assessment
An attacker can take over the server, steal data, or install malware, compromising the confidentiality and integrity of the system.
Recommendation
Immediately update the system to the latest version or apply a security patch, and restrict access to the change-password.php file.
Original NVD description (English source)
An issue in phpgurukul Online Banquet Booking System V1.2 allows an attacker to execute arbitrary code via the /obbs/change-password.php file of the My Account - Change Password component

