CVE Details
Basic Information
| Title | PHPGurukul Notice Board System search-notice.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-04T05:00:23.572Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Notice Board System |
| Version | 1.0 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical SQL injection vulnerability exists in PHPGurukul Notice Board System 1.0, allowing remote attackers to manipulate the ‘searchdata’ parameter in the ‘/search-notice.php’ file. This could lead to unauthorized access to the database and potential data manipulation or exfiltration. |
|---|---|
| AI Severity | High |
| Vendor | PHPGurukul |
| Product | Notice Board System |
| Affected Version | 1.0 |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family | |
| Source Data | PHPGurukul Notice Board System 1.0 |
Source Information
| Source Data | PHPGurukul Notice Board System 1.0 |
|---|---|
| Source Link |
Description
A vulnerability classified as critical has been found in PHPGurukul Notice Board System 1.0. This affects an unknown part of the file /search-notice.php. The manipulation of the argument searchdata leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
Base Score: 5.3 (MEDIUM)