PHPGurukul Login and User Management System yesterday-reg-users.php sql injection

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in PHPGurukul Login and User Management System 3.3. It has been declared as critical. This vulnerability affects unknown code of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8158

Source VulDB

Published Jul 25, 2025 at 13:32

Modified Jul 25, 2025 at 13:52

Affected Product

Vendor PHPGurukul

Product Login and User Management System

Version 3.3

Affected Versions PHPGurukul Login and User Management System 3.3

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was found in PHPGurukul Login and User Management System 3.3. It has been declared as critical. This vulnerability affects unknown code of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-07-25T13:32:06.411Z",
    "modified": "2025-07-25T13:52:12.866Z",
    "type": "cve",
    "title": "PHPGurukul Login and User Management System yesterday-reg-users.php sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.317572\nhttps://vuldb.com/?ctiid.317572\nhttps://vuldb.com/?submit.620608\nhttps://github.com/secfake/mycve/issues/3\nhttps://phpgurukul.com/",
    "id": "CVE-2025-8158",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "PHPGurukul Login and User Management System 3.3",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Login and User Management System",
    "version": "3.3",
    "vendor": "PHPGurukul",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

PHPGurukul Login and User Management System yesterday-reg-users.php sql injection_CVE-2025-8158