CVE Details
Basic Information
| Title | PHPGurukul Online Birth Certificate System all-applications.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-05-31T10:00:09.562Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Online Birth Certificate System |
| Version | 2.0 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the /admin/all-applications.php file of PHPGurukul Online Birth Certificate System 2.0. The vulnerability is due to improper handling of the ‘del’ parameter, allowing an attacker to execute arbitrary SQL commands. The vulnerability can be exploited remotely and has been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| Vendor | PHPGurukul |
| Product | Online Birth Certificate System |
| Affected Version | 2.0 |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family | |
| Source Data | PHPGurukul Online Birth Certificate System 2.0 |
Source Information
| Source Data | PHPGurukul Online Birth Certificate System 2.0 |
|---|---|
| Source Link |
Description
A vulnerability was found in PHPGurukul Online Birth Certificate System 2.0 and classified as critical. This issue affects some unknown processing of the file /admin/all-applications.php. The manipulation of the argument del leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
Base Score: 5.3 (MEDIUM)