CVE-2025-5216

MEDIUM6.9/ 10.0
Share:
Published: May 27, 2025 at 01:15 AM
Modified: June 5, 2025 at 03:59 PM
Source: cna@vuldb.com

Vulnerability Description

A vulnerability classified as critical was found in PHPGurukul Student Record System 3.20. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS Metrics

Base Score
6.9
Severity
MEDIUM
Vector String
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Weaknesses (CWE)

CWE-74
CWE-89
Source: cna@vuldb.com
CWE-89
Source: nvd@nist.gov

References & Intelligence

https://github.com/y7syeu/CVE/issues/1
Source: cna@vuldb.com
ExploitThird Party Advisory
https://phpgurukul.com/
Source: cna@vuldb.com
Product
https://vuldb.com/?ctiid.310312
Source: cna@vuldb.com
Permissions RequiredVDB Entry
https://vuldb.com/?id.310312
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry
https://vuldb.com/?submit.582936
Source: cna@vuldb.com
Third Party AdvisoryVDB Entry

Related Resources

Browse CVE Database
Search 294,000+ vulnerabilities
CVEs from 2025
View all vulnerabilities this year
CWE Database
Explore weakness categories
Security Writeups
Learn from real-world examples
About 4nuxd
Cybersecurity research & tools
Homepage
Explore more security resources