CVE Details
Basic Information
| Title | PHPGurukul Online Fire Reporting System assigned-requests.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-07-14T07:02:06.863Z |
| Modified | 2025-07-14T07:02:06.863Z |
Product Information
| Vendor | PHPGurukul |
|---|---|
| Product | Online Fire Reporting System |
| Version | 1.2 |
CVSS Information
| Base Score | 5.3 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical SQL injection vulnerability was discovered in PHPGurukul’s Online Fire Reporting System version 1.2. This vulnerability allows remote attackers to inject malicious SQL code via the teamid argument in the assigned-requests.php file. |
|---|---|
| AI Severity | Medium |
| AI Vendor | PHPGurukul |
| AI Product | Online Fire Reporting System |
| AI Version | 1.2 |
Affected Products
- PHPGurukul Online Fire Reporting System 1.2
Additional Information
| CWE List | CWE-89, CWE-74 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, was found in PHPGurukul Online Fire Reporting System 1.2. This affects an unknown part of the file /admin/assigned-requests.php. The manipulation of the argument teamid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.