CVE Details
Basic Information
| Title | PHPGurukul Online Fire Reporting System manage-teams.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-04T22:31:09.364Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Online Fire Reporting System |
| Version | 1.2 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability exists in PHPGurukul’s Online Fire Reporting System version 1.2. This vulnerability allows remote attackers to inject malicious SQL code via the teamid argument in manage-teams.php, potentially leading to unauthorized data access or modification. |
|---|---|
| AI Severity | Medium |
| Vendor | PHPGurukul |
| Product | Online Fire Reporting System |
| Affected Version | 1.2 |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family | |
| Source Data | PHPGurukul Online Fire Reporting System 1.2 |
Source Information
| Source Data | PHPGurukul Online Fire Reporting System 1.2 |
|---|---|
| Source Link |
Description
A vulnerability classified as critical has been found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/manage-teams.php. The manipulation of the argument teamid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS Score Summary
Base Score: 5.3 (MEDIUM)