PHPGurukul Local Services Search Engine Management System changeimage.php sql injection

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8179

Source VulDB

Published Jul 26, 2025 at 05:02

Modified Jul 28, 2025 at 16:05

Affected Product

Vendor PHPGurukul

Product Local Services Search Engine Management System

Version 2.1

Affected Versions PHPGurukul Local Services Search Engine Management System 2.1

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability classified as critical was found in PHPGurukul Local Services Search Engine Management System 2.1. Affected by this vulnerability is an unknown functionality of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-07-26T05:02:07.168Z",
    "modified": "2025-07-28T16:05:17.872Z",
    "type": "cve",
    "title": "PHPGurukul Local Services Search Engine Management System changeimage.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317593\nhttps://vuldb.com/?ctiid.317593\nhttps://vuldb.com/?submit.621933\nhttps://github.com/yuan-max11/mycve/issues/1\nhttps://phpgurukul.com/",
    "id": "CVE-2025-8179",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Local Services Search Engine Management System 2.1",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Local Services Search Engine Management System",
    "version": "2.1",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PHPGurukul Local Services Search Engine Management System changeimage.php sql injection_CVE-2025-8179