CVE-2026-6162 PUBLISHED

A vulnerability has been found in PHPGurukul Company Visitor Management System 2.0. This impacts an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate leads to cross site scripting. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

• VDB-357048 | PHPGurukul Company Visitor Management System bwdates-reports-details.php cross site scripting
• VDB-357048 | CTI Indicators (IOB, IOC, TTP, IOA)
• Submit #797171 | PHPGurukul Company Visitors Management System 2.0 Cross Site Scripting
• https://github.com/f1rstb100d/CVE/issues/44
• https://phpgurukul.com/

• Cross Site Scripting CWE
• Code Injection CWE