CVE Details
Basic Information
| Title | PHPGurukul Directory Management System searchdata.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-20T10:00:11.793Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Directory Management System |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A critical SQL injection vulnerability exists in PHPGurukul Directory Management System 1.0. The vulnerability is in the searchdata parameter of searchdata.php, allowing remote attackers to inject SQL code. This can lead to unauthorized access and data manipulation. The exploit is publicly known and could be widely used. |
|---|---|
| AI Severity | Medium |
| Vendor | PHPGurukul |
| Product | Directory Management System |
| Affected Version | 1.0 |
Affected Products
- PHPGurukul Directory Management System 1.0
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability classified as critical has been found in PHPGurukul Directory Management System 1.0. Affected is an unknown function of the file /searchdata.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.