CVE Details
Basic Information
| Title |
CVE-2025-4934 |
| Type |
cve |
| Published |
2025-05-19T14:15:27 |
| Last Seen |
2025-05-19T14:18:23 |
CVSS Information
| Base Score |
7.3 (HIGH) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
NONE |
| User Interaction |
NONE |
| Scope |
UNCHANGED |
| Confidentiality Impact |
LOW |
| Integrity Impact |
LOW |
| Availability Impact |
LOW |
AI Analysis
| AI Description |
A SQL injection vulnerability was discovered in the PHPGurukul User Registration & Login and User Management System version 3.3. This vulnerability affects the /edit-profile.php file and can be exploited remotely by manipulating the Contact argument. The exploit is publicly disclosed, posing a potential risk to users. |
| AI Severity |
High |
| Vendor |
PHPGurukul |
| Product |
PHPGurukul User Registration & Login and User Management System |
| Affected Version |
3.3 |
Additional Information
| CVE List |
CVE-2025-4934 |
| CWE List |
CWE-89, CWE-74 |
| Bulletin Family |
cve |
Description
A vulnerability has been found in PHPGurukul User Registration & Login and User Management System 3.3 and classified as critical. This vulnerability affects unknown code of the file /edit-profile.php. The manipulation of the argument Contact leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)
View Full CVE Details
