CVE Details
Basic Information
| Title | PHPGurukul Online Fire Reporting System bwdates-report-result.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-14T01:14:06.730Z |
| Modified | 2025-07-14T01:14:06.730Z |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Online Fire Reporting System |
| Version | 1.2 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A SQL injection vulnerability exists in the bwdates-report-result.php file of PHPGurukul Online Fire Reporting System version 1.2. This allows remote attackers to inject SQL code via the fromdate or todate arguments, potentially leading to data manipulation or extraction. |
|---|---|
| AI Severity | Medium |
| AI Vendor | PHPGurukul |
| AI Product | Online Fire Reporting System |
| AI Version | 1.2 |
Affected Products
- PHPGurukul Online Fire Reporting System 1.2
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability was found in PHPGurukul Online Fire Reporting System 1.2. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-report-result.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.