CVE Details
Basic Information
| Title |
PHPGurukul Zoo Management System view-foreigner-ticket.php sql injection |
| Type |
cve |
| Published |
2025-05-19T04:31:06.619Z |
| Last Seen |
|
CVSS Information
| Base Score |
0.0 () |
| Attack Vector |
|
| Attack Complexity |
|
| Privileges Required |
|
| User Interaction |
|
| Scope |
|
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A critical SQL injection vulnerability exists in the Zoo Management System 2.1 by PHPGurukul. The vulnerability is found in the `/admin/view-foreigner-ticket.php` file, where the `viewid` parameter is not properly sanitized, allowing remote attackers to execute arbitrary SQL commands. The exploit is publicly available and can be used to compromise the system. |
| AI Severity |
High |
| Vendor |
PHPGurukul |
| Product |
Zoo Management System |
| Affected Version |
2.1 |
Additional Information
| CVE List |
|
| CWE List |
CWE-89, CWE-74 |
| Bulletin Family |
|
Description
A vulnerability, which was classified as critical, was found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/view-foreigner-ticket.php. The manipulation of the argument viewid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
Base Score: %!f(string=#) ()
View Full CVE Details
