CVE Details
Basic Information
| Title | PHPGurukul Online Nurse Hiring System bwdates-report-details.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-05-27T04:00:13.773Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Online Nurse Hiring System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical SQL injection vulnerability exists in PHPGurukul’s Online Nurse Hiring System 1.0, specifically in the /admin/bwdates-report-details.php file. The vulnerability is due to improper handling of the fromdate and todate parameters, allowing attackers to execute arbitrary SQL commands remotely. The exploit has been publicly disclosed and is potentially exploitable. |
|---|---|
| AI Severity | High |
| Vendor | PHPGurukul |
| Product | Online Nurse Hiring System |
| Affected Version | 1.0 |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family | |
| Source Data | PHPGurukul Online Nurse Hiring System 1.0 |
Source Information
| Source Data | PHPGurukul Online Nurse Hiring System 1.0 |
|---|---|
| Source Link |
Description
A vulnerability classified as critical has been found in PHPGurukul Online Nurse Hiring System 1.0. This affects an unknown part of the file /admin/bwdates-report-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
Base Score: 6.9 (MEDIUM)