CVE Details
Basic Information
| Title | PHPGurukul Vehicle Record Management System search-vehicle.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-10T03:31:06.816Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Vehicle Record Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL Injection vulnerability exists in the /admin/search-vehicle.php file of PHPGurukul Vehicle Record Management System 1.0. The ‘searchinputdata’ parameter is vulnerable, allowing remote attackers to execute arbitrary SQL commands. The vulnerability has been publicly disclosed and may be exploited. |
|---|---|
| AI Severity | High |
| Vendor | PHPGurukul |
| Product | Vehicle Record Management System |
| Affected Version | 1.0 |
Affected Products
- PHPGurukul Vehicle Record Management System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability was found in PHPGurukul Vehicle Record Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/search-vehicle.php. The manipulation of the argument searchinputdata leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.