CVE Details
Basic Information
| Title | PHPGurukul Art Gallery Management System changepropic.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-21T17:00:17.094Z |
| Last Seen |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Art Gallery Management System |
| Version | 1.1 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A SQL injection vulnerability in PHPGurukul Art Gallery Management System 1.1 allows remote attackers to inject malicious SQL code via the imageid argument in changepropic.php. This could lead to unauthorized data access or modification. The vulnerability is considered critical and has been publicly disclosed. |
|---|---|
| AI Severity | Medium |
| Vendor | PHPGurukul |
| Product | Art Gallery Management System |
| Affected Version | 1.1 |
Affected Products
- PHPGurukul Art Gallery Management System 1.1
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family |
References
Description
A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic.php. The manipulation of the argument imageid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.